Install root certificates on Windows
Trusted root certificates
It is recommended that secure connections are protected by an SSL certificate signed by a public certificate authority (CA). However, during testing or evaluation phases, you may choose to use a certificate chain signed by a private or internal CA. In this case, you will need to install the trusted root SSL certificate on each of your client devices.
You can avoid having to install the trusted root certificate onto each client by using certificates signed by a public CA.
Free, time-limited certificates are available from some public CAs and are recommended to cover testing or evaluation periods.
If you experience difficulties with a certificate issued by a public CA, then review the appliance certificate configuration.
Network provisioning tools are available for installing trusted SSL certificates onto clients. However, the instructions below focus on individual client devices.
Web browsers and the File Director Client use the operating system certificate store. So, if you install the certificate in the operating system then both the File Director Client and Internet Explorer automatically trust the server certificate.
This procedure describes one method of installing the root certificate using Internet Explorer and Microsoft Management Console on Windows 7.
- In Internet Explorer, browse to the File Director Website or File Director Admin console as follows:
- Website: https://<server_address>
- Admin console: https://<server_address>
- The browser displays a security warning.
- Click Continue to the website.
- In the address bar, right-click the certificate and select View Certificates.
- On the certificate dialog, click the Details tab.
- Click Copy to file.
In the wizard, select Base-64 encoded binary X.509 (.CER).
The saved file contains the certificate. You can view the file in a text editor to see the certificate.
The certificate must be installed as a trusted certificate for the computer. To do this, run the Microsoft Management Console (MMC) as administrator and add the Certificates snap-in. If MMC is run as a standard user, trusted certificates can only be added at the user account level.
- Click the Windows Start button.
- In the search box, begin typing mmc.exe, right-click the mmc.exe entry in the search results and select Run as Administrator.
- Select File > Add/Remove Snap-in.
- Select Certificates and click Add.
- In the Certificates snap-in dialog, select Computer account and complete the wizard.
- Click OK.
- In the MMC console, expand Certificates.
- Right-click Trusted Root Certificates and select All Tasks > Import.
- Follow the Certificate Import Wizard to import the certificate.
After installing the certificate, close and reopen Internet Explorer and load the File Director Website or File Director Admin console. If the certificate installed correctly and is valid, the security warning no longer displays.