Trusting Your Root CA on Windows¶

Complete this guide to trust your server’s Root Certificate Authority (Root CA) on Windows.

1. Ensure you have downloaded your Root CA

2. Ensure you have installed bonjour

3. Click the “Start” menu, type “mmc”, and select “Run as administrator” to access the Windows Management Console.

   

4. When the Management Console opens, navigate to File > Add/Remove Snap-in.

   

5. Select “Certificates” in the left side menu, then “Add”. This will open another window.

   

6. Select “Computer account” and click “Next”. Leave defaulted options on the next screen and click “Finish”.

   

7. When you return to the “Add or Remove Snap-ins” page, ensure “Certificates (Local Computer)” exists under “Console Root” in the “Selected snap-ins” section, then click “OK”.

   

8. In the left hand menu of the Management Console, navigate to Certificates (Local Computer) > Trusted Root Certification Authorities > Certificates.

   

9. Right click on the “Certificates” directory, then navigate to All Tasks > Import.

   

10. Click “Next” on the first page of the Certificate Import Wizard, then browse to the location where you saved the downloaded certificate and open it. Then click “Next”.

    

11. On the “Certificate Store” window, ensure that it says “Trusted Root Certificate Authorities” and click “Next”. Then click “Finish” on the final screen.

    

12. Select “OK” when the import is successful.

    

13. Verify your server’s unique <adjective-noun> Local Root CA certificate is in the “Certificates” folder:

    

14. You can save the console settings (where we added a snap-in), if desired. The CA certificate will remain imported to the CA certificate store either way, and you will likely use this guide if you need to import a new certificate.

    

15. If using Firefox, complete this final step