How to make IE8 (or IE9) trust a third-party certification authority (in 23 steps)

Published on
15,290 Points
1 Endorsement
Last Modified:
If you want to securely publish websites, web-based E-mail services, terminal server gateways, etc. for in-house users, an internal enterprise certificate authority is often an acceptable solution without the expense of purchasing a certificate from a commercial certificate authority.  (Another option is to use self-signed certificates.  This procedure can be applied to self-signed certificates, with a slight modification.)

The problem is that users that do not trust the internal certificate authority will see the security warning when they browse to the website.

Here's how to eliminate the warning:

1.      Browse to the site whose certificate or certificate authority you want to trust.
2.      When told "There is a problem with this website's security certificate.", choose "Continue to this website (not recommended)."
3.      Select Tools->Internet Options.
4.      Select Security->Trusted sites->Sites.
5.      Confirm the URL matches, and click "Add" then "Close".
6.      Close the "Internet Options" dialog box with either "OK" or "Cancel".
7.      Refresh the current page.
8.      When told "There is a problem with this website's security certificate.", choose "Continue to this website (not recommended)."
9.      Click on "Certificate Error" at the right of the address bar and select "View certificates".

(if it is a self-signed certificate, skip to step 13)

10.      Click the Certification Path tab
11.      Click the root CA
12.      Click View Certificate
13.      Click on "Install Certificate...", then in the wizard, click "Next".
14.      On the next page select "Place all certificates in the following store".
15.      Click "Browse", select "Trusted Root Certification Authorities", and click "OK".
16.      Back in the wizard, click "Next", then "Finish".
17.      If you get a "Security Warning" message box, click "Yes".
18.      Dismiss the message box with "OK".
19.      Select Tools->Internet Options.
20.      Select Security->Trusted sites->Sites.
21.      Select the URL you just added, click "Remove", then "Close".
22.      Now shut down all running instances of IE, and start up IE again.
23.      The site's certificate should now be trusted.

(modified from a post on this discussion.)
Ask questions about what you read
If you have a question about something within an article, you can receive help directly from the article author. Experts Exchange article authors are available to answer questions and further the discussion.
Get 7 days free