How to make IE8 (or IE9) trust a third-party certification authority (in 23 steps)

If you want to securely publish websites, web-based E-mail services, terminal server gateways, etc. for in-house users, an internal enterprise certificate authority is often an acceptable solution without the expense of purchasing a certificate from a commercial certificate authority.  (Another option is to use self-signed certificates.  This procedure can be applied to self-signed certificates, with a slight modification.)

The problem is that users that do not trust the internal certificate authority will see the security warning when they browse to the website.

Here's how to eliminate the warning:

1.      Browse to the site whose certificate or certificate authority you want to trust.
2.      When told "There is a problem with this website's security certificate.", choose "Continue to this website (not recommended)."
3.      Select Tools->Internet Options.
4.      Select Security->Trusted sites->Sites.
5.      Confirm the URL matches, and click "Add" then "Close".
6.      Close the "Internet Options" dialog box with either "OK" or "Cancel".
7.      Refresh the current page.
8.      When told "There is a problem with this website's security certificate.", choose "Continue to this website (not recommended)."
9.      Click on "Certificate Error" at the right of the address bar and select "View certificates".

(if it is a self-signed certificate, skip to step 13)

10.      Click the Certification Path tab
11.      Click the root CA
12.      Click View Certificate
13.      Click on "Install Certificate...", then in the wizard, click "Next".
14.      On the next page select "Place all certificates in the following store".
15.      Click "Browse", select "Trusted Root Certification Authorities", and click "OK".
16.      Back in the wizard, click "Next", then "Finish".
17.      If you get a "Security Warning" message box, click "Yes".
18.      Dismiss the message box with "OK".
19.      Select Tools->Internet Options.
20.      Select Security->Trusted sites->Sites.
21.      Select the URL you just added, click "Remove", then "Close".
22.      Now shut down all running instances of IE, and start up IE again.
23.      The site's certificate should now be trusted.

(modified from a post on this discussion.)

Comments (2)

Most Valuable Expert 2011
Top Expert 2015

I cannot see the entire conversation since moderator/PE comments are hidden, but based on your responses (which you might want to select "Private Comment" in the future!) I can imagine how the conversation was going.

I have to say that in my opinion this isn't very well written. Firstly, you introduce your article by talking about publishing websites and securing them with certificates. Then you talk about the steps a user needs to take to trust the certificate. The whole time you are using "you", though. Who is the intended audience of this article:  the website owner, or the user browsing the site? Your pronoun choice has blurred that. Secondly, outside of the introduction, this is really just a list of steps--a short one at that. This probably would have been better as a blog post rather than an article.

I acknowledge that you credited the original post, but quite frankly it still rather feels like you haven't added any value--just reposted the information. You did add three steps and a note denoting that one should skip the three steps if the certificate is self-signed, but the title of the post you credited explicitly says, "How to make IE8 trust a self-signed certificate..." Why should I believe your steps over those you credited? That is the kind of value I would expect to be added if you are reposting another's work, and that work is incorrect or incomplete. If you are just reposting for the sake of having an article under your belt, then IMO that is borderline (if not) plagiarism.

Not trying to rain on your parade; just trying to give honest feedback.


Please feel free to delete the article.

Have a question about something in this article? You can receive help directly from the article author. Sign up for a free trial to get started.