How Do I ... Install UWO Certificate Authorities Certificate into Web Browsers
Contents
- Introduction
- Install certificate into Mozilla Firefox 3.5
- Install certificate into Windows Internet Explorer 8
- Install certificate into Safari 3.2 for the Mac
- Verify the certificate authorities certificate is the correct one
Introduction
A Certificate Authority (CA) is one of the major components of a Public Key Infrastructure (PKI) which provides the means to digitally sign or encrypt communications between two parties. A CA acts as a trusted third party which verifies a person or server is who they claim to be. Once an entity is verified by the CA a Public Key Certificate (PKC) is created which is used to provide the encryption.
In order for web browsers like Mozilla Firefox or Windows Internet Explorer to trust a Certificate Authority they must have its root certificate installed into their certificate database. Following these instructions will allow you to install the root certificate for UWO's Certificate Authority into your web browser. Once completed you will be able to seamlessly connect to web servers which use UWO's Certificate Authority to provide secure connections.
Install Certificate into Mozilla Firefox 3.5
Note that these instructions are for Mozilla Firefox 3.5. Other versions of the browser may have different steps to install a Root Certificate.
To install UWO's Certificate Authorities root certificate into Mozilla Firefox:
- Start Mozilla Firefox, open URL http://www.uwo.ca/its/pki/CA and click on the link for the UWO Root Certificate.
-
Firefox will pop up a window called Downloading Certificate.
click on View -> Examine CA certificate
- Under the General tab:
Information about the Certificate Authority is provided. Verify the following info:
- Issued to:
- The complete information for the certificate is provided. Verify :
Common name (CN): UWO Certificate Authority
Organization (O): The University of Western Ontario
Organizational Unit (OU): Information Technology Services Serial Number: 00
Issued by:
Common name (CN): UWO Certificate Authority
Organization (O): The University of Western Ontario
Organizational Unit (OU): Information Technology Services- SHA1 Fingerprint : 38:FF:2E:1C:86:A6:7A:C0:EB:92:03:B6:FE:CA:85:19:94:8E:EF:4D
- Under the General tab:
- if all is correct click Close
-
You will be requested to check off which services you want to allow this
Certificate Authority to Certify.
Do you want to trust "UWO certificate Authority" for the following purposes?
Trust this CA to indentify web sites.
Trust this CA to indentify email users.
Trust this CA to indentify software developers. - Check off all three and click OK
The certificate is now installed into the browser.
Install certificate into Windows Internet Explorer 8
Note that these instructions are for Microsoft Internet Explorer version 8. Other versions of the browser may have different steps to install a Root Certificate.
To install UWO's Certificate Authorities root certificate into Windows Internet Explorer 8:
-
- Start Windows Internet Explorer, open URL http://www.uwo.ca/its/pki/CA and click on the link for the UWO Root Certificate.
- IE will display the following message in the File Download -
Security Warning Window:
Do you want to open or save this file?
File name: cacert.cer
Type: Security Certificate
From: www.uwo.ca - Select Open
- Select the second tab titled Details and the click on Subject Field. In the bottom panel verify:
The Certificate window will open listing the properties of the certificate. On the General tab verify:
Issued to: UWO Certificate Authority
Issued by: UWO Certificate Authority
Valid from dd/mm/yyyy to dd/mm/yyyy-
E = web-certificates@uwo.ca
- Scroll down below the Subject field and click on Thumbprint Field and verify its value in the bottom panel is:
CN = UWO Certificate Authority
OU = Information Technology Services
O = The University of Western Ontario
L = London
S = Ontario
C = CA- 38:ff:2e:1c:86:a6:7a:d0:eb:92:03:b6:fe:ca:85:19:94:8e:ef:4d
- If this matches, select the first tab titled General and click on Install Certificate
- A new window will open called the Certificate Import Wizard. Click Next
- You will be requested to select a certificate store. Select the option Automatically select the certificate store based on the type of certificate and click Next
- Completing the Certificate Import Wizard
You have successfully completed the Certificate Import wizard
select Finish - The following Security Warning will appear
- click Yes to install certificate
- The import was successful.
Select OK - Close wizard by selecting OK
The certificate is now installed into Windows Internet Explorer 8.
Install certificate into Safari 3.2 for the Mac
Note that these instructions are for Safari version 3.2 for the Mac. Other versions of the browser may have different steps to install a Root Certificate.
To install UWO's Certificate Authorities root certificate into Safari 3.2:
- Start Safari 3.2, open URL http://www.uwo.ca/its/pki/CA and click on the link for the Root Certificate.
- Safari will display the Downloads window:
Doubleclick the file cacert.cer- The Add Certificates window opens. Accept the Keychain: login selected by default and then select OK.
- The Keychain Access windows opens. You are asked "Do you want your computer to trust certificates signed by UWO Certificate Authority from now on."
Select Always Trust.- Keychain Access prompts you to type your username and password. The UWO Certificate Authority is installed in the Keychain Access.
- Close Keychain Access.
The certificate is now installed into Safari 3.2 for the Mac.
Verify the Certificate Authority Certificate is the Correct one.
In Mozilla Firefox:
- From the menu across the top select Tools -> Options -> -> Advanced -> Encryption -> View Certificates -> Authorities
- Scroll down the list and highlight UWO Certificate Authority
- then select the View button In the general tab verify:
Certificate SHA1 Fingerprint: 38:FF:2E:1C:86:A6:7A:C0:EB:92:03:B6:FE:CA:85:19:94:8E:EF:4D
If the fingerprint matches then you have the correct certificate. Close the window by selecting Close the OK twice.
In Microsoft Internet Explorer:
- From the menu across the top select Tools -> Internet Options
- In the Internet Options window that opens select the tab Content
- In the second panel click on Certificates...
- In the Certificate Manager window select the tab Trusted Root Certification Authorities
- Scroll down the list and highlight UWO Certificate Authority and click on View
- In the Certificate window select the tab Details and in the top panel select Thumbprint. In the bottom panel verify its value to be:
38:FF:2E:1C:86:A6:7A:C0:EB:92:03:B6:FE:CA:85:19:94:8E:EF:4D- If the thumbprint matches then you have the correct Certificate. Close all windows.
Disclaimer: The provided instructions are for information purposes only. Neither The University of Western Ontario nor the Division of Information Technology Services assume any responsibility for loss of use or damage to a computer system (including any data or software contained within the computer system) which is the result (directly or indirectly) of the application of these instructions. Any problems, questions or concerns not addressed by these instructions should be directed to the vendor and/or the manufacturer and not to The University of Western Ontario or any of its employees or incumbents.
©2010, The University of Western Ontario. Permission is granted to copy in whole or in part provided that due credit is given to the authors, Information Technology Services, and The University of Western Ontario.
