Import Certificate Authority Root Certificate in Google Chrome

Purpose

This article gives the steps to import a CA root certificate into Google Chrome. For example an internal Microsoft CA Root Certificate for your work infrastructure.

The example is using Google Chrome Version 65.0.3325.181 (64-bit) on macOS 10.13.4.

Download CA Cert

There are several ways to acquire the root certificate. Here's one example.

1. Go to an internal SSL web page that pops up the security warning
2. Click the lock icon in the browser address bar
3. Select Certificate invalid link

   

4. Select a Certificate in the chain starting from the top which should be the CA
5. Click and drag the certificate icon to a Finder window
6. It should create a .cer file

   

7. Repeat for each of the certificates in the chain

Import CA Cert

macOS

1. Open Keychain Access app
2. Select Keychains System for all users or just login for the current user.
3. Select Category Certificates

   

4. Drag and drop the .cer files to the Keychain Access window
5. When prompted enter your password to modify the Keychain
6. Right Click the Certificate in the Keychain Access window
7. Select Get Info

   

8. Select Trust
9. Select dropdown menu next to When using this certificate:
10. Select Always Trust

    

11. Close info window
12. Enter password to make change
13. Repeat for all certificates in the chain
14. Now the certifcate icons should show a plus sign

    

15. Restart Chrome
16. Now the web site should show Secure

    

Windows

1. Open Chrome Settings

   chrome://settings/

2. Select Advanced...
3. Select Manage Certificates
4. Select Authorities
5. Select Import
6. Browse to your cer file/s and import individually
7. Select Done
8. Restart Chrome

Sources

• http://portal.threatpulse.com/docs/sol/Content/03Solutions/ManagePolicy/SSL/ssl_chrome_cert_ta.htm