There are several ways to get the root CA certificate to the Web
site users. One way is to email it and have the users install it
from the email. Another way is to include a download page on your
Web site with a link to the certificate. A corporate-wide solution
is to use Internet Explorer Administration Kit (IEAK) to push a
customer Internet Explorer browser with the root CA certificate
already installed into the Trusted Root CA list. However you choose
to make the certificate available, one thing stays the same: the
way you install the certificate into the Trusted Root CA list in
Internet Explorer, as this appendix demonstrates.
NOTE: The certificate must be installed in order for Internet Explorer to trust that your site certificate is not the certificate that you just created but rather the root CA certificate, which was created when you installed Certificate Server.
For the purposes of this document, download the certificate by using the Certificate Servers Web interface, which is located at http:// <YourServerName> /CertSrv/. After you have arrived at the Welcome page, select Retrieve the CA certificate or certificate revocation list, and then click Next.
You now have two choices:
1. Click Download CA certificate.
2. Select Save the file to disk.
3. Go to the location where you saved the root CA certificate, and double-click the certificate to open the Properties sheet for that certificate.
4. Click Install Certificate to start the Certificate Import Wizard. Click Next to continue.
5. Select Place all certificates in the following store.
6. Click Browse and select Trusted Root Certification Authorities. Click Next.
settings and then click Finish.
You receive the following message:
The import was successful.
8. Click OK to dismiss this message, and then click OK to close the Properties sheet.
To check if you get the trusted root CA warning again, close and reopen your browser, and then go to the following Web site:
https:// <MySecureWebsite> /Postinfo.html
You have successfully added
your root CA to the Trusted Root CA list in your Internet Explorer
NOTE: The Postinfo.html page is a standard HTML page that is found in the root of default web site.