SSL certificate installation

This network employs various technologies which involve the use of locally generated SSL certificates. In order for these technologies to work effectively (in particular, to avoid browser security warnings and ensure compatibility with mobile applications), your computer or mobile device must install and trust the network's SSL root certificate.

This guide will help you install the SSL root certificate as a trusted root CA certificate on a Windows / Active Directory Group Policy Object (GPO). Certificates installed via Group Policy will be respected by all browsers which use the operating system's built-in certificate store — this includes Internet Explorer, Edge, and Chrome.

Step 1

First, click the Download Certificate button below; this will begin a download of the file to your computer.

Step 2

Windows save prompt

Depending on your browser and configuration, you will probably be asked whether you would like to open the file or save it; choose Save, and, if prompted, save the file to an easily accessible location (such as the Desktop).

(Note: These image show Internet Explorer 8 and Windows Server 2003; you may not see exactly the same thing if you are using another browser or a different version of Windows; however, the general process and wording should be the same.)

Step 3

Windows Administrative Tools

Using an account with sufficient administrative permissions, launch the Group Policy Management utility. This can usually be found under Administrative Tools in either the Start menu or the Control Panel.

Step 4

Windows Group Policy Management

Highlight the Group Policy Object you'd like to modify — if you aren't sure which one it is, please contact your network administrator or directory vendor — and right-click it. Then, select Edit.

Step 5

Windows Group Policy Object Editor

The Group Policy Object Editor will open next. In the left-hand column, expand (double-click) the list items as follows: Computer Configuration > Windows Settings > Security Settings > Public Key Policies > Trusted Root Certification Authorities.

Right-click on Trusted Root Certification Authorities and select Import.

Step 6

Windows Certificate Import Wizard

The Certificate Import Wizard will open; click Next.

Step 7

Windows Certificate Import Wizard

You will be asked to specify the certificate file to import; click the Browse button to the right.

Step 8

Windows Open dialogue

An Open dialogue will appear, allowing you to select a file. Locate the certificate file you saved earlier, highlight it, and click Open.

Step 9

Windows Certificate Import Wizard

The File to Import screen should now show the certificate file name; click Next.

Step 10

Windows Certificate Import Wizard

You will be prompted for a certificate store. The correct option — to place the certificate in the Trusted Root Certification Authorities store — should already be selected; click Next.

Step 11

Windows Certificate Import Wizard

At the Completing the Certificate Import Wizard screen, press the Finish button.

Step 12

Windows Certificate Import Wizard

A confirmation will appear, indicating that the certificate import was successful. Press OK.

Step 13

You're done! You may close any remaining certificate windows and continue working as usual; the certificates will be installed to each applicable work station upon their next log-in. In most cases, you (and your users) will not notice anything different after the certificate is installed.