PKI Tutorials - Herong's Tutorial Examples

∟CAcert.org - Root CA Offering Free Certificates

∟Installing CAcert.org Root CA in Firefox

This section provides a tutorial example on how to install CAcert.org root CA certificate in Firefox. Note that CAcert.org CA certificate is not pre-installed in Firefox.

As I mentioned in the previous section, Firefox and other popular Web browsers do not recognize CAcert.org as a trusted root CA. Whenever you visit an HTTPS site with server certificate issued by CAcert.org, you will get an error page saying that the server certificate verification is failed.

To fix this issue, you need to install CAcert.org's certificate as trusted root CA certificate into Web browsers manually. Here I how I did it on Firefox.

1. Run Firefox and visit https://support.ntp.org. The "This Connection is Untrusted" error page shows up. This confirms that CAcert.org's certificate is not a trusted root CA certificate in Firefox, because ntp.org's certificate is issued by CAcert.org.

2. Now visit http://www.cacert.org/index.php?id=3. CAcert.org certificates page shows up.

3. Click "Root Certificate (PEM Format)" link. The "Download Certificate" dialog box shows up.

4. Check "Trust this CA to identify Websites" option and click "OK". CAcert.org's root certificate is installed in Firefox now.

5. Close Firefox and run it again to visit https://support.ntp.org. "The NTP Public Services Project" page shows up properly now.

6. View the server certificate path. See other Firefox tutorials in this book for detailed steps. You will see:

CA Cert Signing Authority   - The root CA certificate
 |- support.ntp.org         - The server certificate

Table of Contents

 About This Book

 Introduction of PKI (Public Key Infrastructure)

 Introduction of HTTPS (Hypertext Transfer Protocol Secure)

 Using HTTPS with Google Chrome

 Using HTTPS with Mozilla Firefox

 HTTPS with Microsoft Edge

 Using HTTPS with Apple Safari

 HTTPS with IE (Internet Explorer)

 Android and Server Certificate

 iPhone and Server Certificate

 Windows Certificate Stores and Console

 RDP (Remote Desktop Protocol) and Server Certificate

 macOS Certificate Stores and Keychain Access

 Perl Scripts Communicating with HTTPS Servers

 PHP Scripts Communicating with HTTPS Servers

 Java Programs Communicating with HTTPS Servers

 .NET Programs Communicating with HTTPS Servers

►CAcert.org - Root CA Offering Free Certificates

 About CAcert.org

 Join CAcert.org as a Member

►Installing CAcert.org Root CA in Firefox

 Installing CAcert.org Root CA in IE

 Adding and Validating Domain Names

 Generating Certificate Signing Request (CSR)

 Getting Server Certificate Signed by CAcert.org

 PKI CA Administration - Issuing Certificates

 Comodo Free Personal Certificate

 Digital Signature - Microsoft Word

 Digital Signature - OpenOffice.org 3

 S/MIME and Email Security

 PKI (Public Key Infrastructure) Terminology

 Archived Tutorials

 References

 Full Version in PDF/EPUB

Installing CAcert.org Root CA in Firefox - Updated in 2022, by Herong Yang