PKI Tutorials - Herong's Tutorial Examples - Version 2.04, by Dr. Herong Yang
Failing to Import Root CA Certificates to Firefox 35
This section provides a tutorial example on how to import a root CA certificate into Firefox 35. The import process failed with an error.
If I don't want to add a security exception to trust the Yahoo site when Firefox gives me the "This Connection is Untrusted" error, I need to fix the error.
Since I know why I am getting the "This Connection is Untrusted" error on the Yahoo login page, I can try to fix by importing the root CA certificate "VeriSign Class 3 Public Primary Certification Authority - G5" back into Firefox 35 from the certificate file I created earlier.
1. Run Firefox 35, and go to the "Tools" > "Options..." menu.
2. Click the "Advanced" icon, then click the "Encryption" tab.
3. Click the "View Certificates" button. The Certificate Manager dialog box shows up.
4. Click the "Authorities" tab since I want to import a CA (Certificate Authority) certificate.
5. Click the "Import" button. The "Select File containing CA certificate(s) to import" dialog box shows up.
6. Find and select \temp\VeriSign_Root_CA_pem.crt, which contains the "VeriSign Class 3 Public Primary Certification Authority - G5" certificate I created earlier.
7. Click the "Open" button to let Firefox import the certificate. Surprisingly, I got an error message box saying that "This certificate already installed as a certificate authority."
Why I am getting this error? I remember I deleted "VeriSign Class 3 Public Primary Certification Authority - G5" certificate from Firefox. Read the next section to find out the answer.
Last update: 2015.
Table of Contents