Browser Installation of CA Certificates

Each browser talking to a Web server that uses a locally generated certificate (for example, a server certificate generated by a Certificate Authority (CA) on a corporate intranet) must obtain and install the CA certificate for the CA that issued the server certificate. The CA certificate is used by the browser to validate the server certificate.

Installing CA certificates into Microsoft® Internet Explorer version 3.0 or later is accomplished by loading the Certificate Authority Certificate List Web page at the Shared Folder location. After the CA certificate is installed in the browser, exit and restart the browser to use the certificate.

Microsoft Internet Explorer 3.0 or later provides a user interface for accepting new CA certificates called site certificates. Accepting and enabling a new CA (site) certificate adds it to the CA certificates that the browser can use to connect to secured servers. If it is accepted but not enabled, then it can be made available at some future time by enabling it with the browser. If it is not accepted (rejected) then the CA certificate will not be available for use by the browser.

When a CA certificate has been selected, the New Site Certificate dialog will appear.

Select any of the listed actions to perform:

• Accept and enable the CA certificate.
  
  
• Accept but do not enable the CA certificate.
  
  
• Reject the CA certificate.

To view the certificate, click View Certificate, and the Properties dialog is displayed.

The Properties dialog displays certificate properties and indicates whether the certificate is valid. Selecting a field in the Field list box causes the field's details to be displayed in the Details list box.