Q
Problem solve Get help with specific problems with your technologies, process and projects.

What is the typical procedure for installing a CA certificate?

While Windows already comes preinstalled with a number of CA certificates, here's what to do if you need to install it.

A CA certificate (or a Certificate Authority certificate) is a special type of certificate that is used to make...

a device trust a particular certificate authority. If a device has a certificate installed, then the device will trust any certificates that have been issued by the certificate authority.

In many cases the installation of a CA certificate is unnecessary. Most operating systems already have a number of CA certificates installed by default. These default CA certificates are tied to well-known commercial certificate authorities such as GoDaddy or VeriSign. Therefore, it is only necessary to install a CA certificate if a device needs to trust a lesser known or a home grown certificate authority.

There isn't really a standard procedure for downloading and installing a CA certificate. The method that must be used depends on a number of factors such as the type of server that is being used as a certificate authority, the way that the certificate authority is configured, and the operating system being used on the device on which you want to install the CA certificate.

Windows servers that are configured to act as a certificate authority are commonly configured in a way that allows an administrator to generate and download certificates using a Web interface. The URL for this Web interface is usually https://<the server's FQDN>/CertSRV. There is an option within the Web interface to download a CA certificate.

If the CA certificate is being installed onto a Windows PC, the certificate is installed through the Certificates console. On a Windows 8 PC, you can access the certificate store for the local machine by entering CertLM.msc at the Run prompt. The CA certificate is usually installed into the Trusted Root Certification Authorities of the Third Party Root Certification Authorities container.

You can usually install a CA certificate onto a mobile device by emailing the certificate to someone who has an email account set up on the device. The certificate can be opened as an attachment and will be installed onto the device.

This was last published in September 2014

Dig Deeper on Windows Identity and Access Management

PRO+

Content

Find more PRO+ content and other member only offers, here.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

-ADS BY GOOGLE

SearchServerVirtualization

SearchCloudComputing

SearchExchange

SearchSQLServer

SearchEnterpriseDesktop

SearchVirtualDesktop

Close