PKI Tutorials - Herong's Tutorial Examples

∟Digital Signature - OpenOffice.org 3

∟Importing CA Certificates into the Trusted Store

This section provides a tutorial example on how to import a root CA certificate into the 'Trusted Root Certificate Authorities' certificate store using 'Internet Options'.

To fix the certificate validation error shown in the previous tutorial, Amy needs to import "CAcert.org" certificate into the "Trusted Root Certificate Authorities" certificate store.

1. Click "Start > Control Panel > Internet Options". The "Internet Properties" dialog box shows up.

2. Click "Content" tab, then "Certificate" button. The "Certificates" dialog box shows up.

3. Click "Trusted Root Certificate Authorities" tab, then "Import" button. The "Certificates Import Wizard" shows up.

4. Follow the instruction to import "CAcert.org" certificate stored in CACertSigningAuthority.crt. If you lost this file, you can get it from CAcert.org Website.

5. At the end, the wizard prompts a warning message:

You are about to install a certificate from a certificate authority
(CA) claiming to represent:

CA Cert Signing Authority

Windows cannot validate that the certificate is actually from
"CA Cert Signing Authority". You should confirm its origin by
contacting "CA Cert Signing Authority". The following number will
assist you in this process:

Thumbprint (sha1): 125CEC36 ...

Warning: If you install this root certificate, Windows will
automatically trust any certificate issued by this CA. Installing
a certificate with an unconfirmed thumbprint is a security risk.
If you click "Yes" you acknowledge this risk.

Do you want to install this certificate?

[Yes] [No]

6. Click "Yes" and "CAcert.org" certificate is installed.

Windows is happy now. Amy's certificate can be validated up to a trusted root CA.

Table of Contents

 About This Book

 Introduction of PKI (Public Key Infrastructure)

 Introduction of HTTPS (Hypertext Transfer Protocol Secure)

 Using HTTPS with Google Chrome

 Using HTTPS with Mozilla Firefox

 HTTPS with Microsoft Edge

 Using HTTPS with Apple Safari

 HTTPS with IE (Internet Explorer)

 Android and Server Certificate

 iPhone and Server Certificate

 Windows Certificate Stores and Console

 RDP (Remote Desktop Protocol) and Server Certificate

 macOS Certificate Stores and Keychain Access

 Perl Scripts Communicating with HTTPS Servers

 PHP Scripts Communicating with HTTPS Servers

 Java Programs Communicating with HTTPS Servers

 .NET Programs Communicating with HTTPS Servers

 CAcert.org - Root CA Offering Free Certificates

 PKI CA Administration - Issuing Certificates

 Comodo Free Personal Certificate

 Digital Signature - Microsoft Word

►Digital Signature - OpenOffice.org 3

 OpenOffice.org 3 - Applying Digital Signatures

 Converting KeyStore Files to PKCS12 Files

 Importing Private-Public Key Pair with Internet Options

 Viewing a Certificate with a Private Key

►Importing CA Certificates into the Trusted Store

 Signing OpenOffice.org 3 Document Failed

 Generating CSR for a Personal Certificate

 Getting Personal Certificate Signed by CAcert.org

 Storing Personal Certificate with Its Keys

 Installing Personal Certificate with Internet Options

 Signing OpenOffice.org 3 Document Worked

 S/MIME and Email Security

 PKI (Public Key Infrastructure) Terminology

 Archived Tutorials

 References

 Full Version in PDF/EPUB

Importing CA Certificates into the Trusted Store - Updated in 2022, by Herong Yang