Import Certificate Authority Root Certificate in Google Chrome
From Bonus Bits
Purpose
This article gives the steps to import a CA root certificate into Google Chrome. For example an internal Microsoft CA Root Certificate for your work infrastructure.
The example is using Google Chrome Version 65.0.3325.181 (64-bit) on macOS 10.13.4.
Download CA Cert
There are several ways to acquire the root certificate. Here's one example.
- Go to an internal SSL web page that pops up the security warning
- Click the lock icon in the browser address bar
- Select Certificate invalid link
- Select a Certificate in the chain starting from the top which should be the CA
- Click and drag the certificate icon to a Finder window
- It should create a .cer file
- Repeat for each of the certificates in the chain
Import CA Cert
macOS
- Open Keychain Access app
- Select Keychains System for all users or just login for the current user.
- Select Category Certificates
- Drag and drop the .cer files to the Keychain Access window
- When prompted enter your password to modify the Keychain
- Right Click the Certificate in the Keychain Access window
- Select Get Info
- Select Trust
- Select dropdown menu next to When using this certificate:
- Select Always Trust
- Close info window
- Enter password to make change
- Repeat for all certificates in the chain
- Now the certifcate icons should show a plus sign
- Restart Chrome
- Now the web site should show Secure
Windows
- Open Chrome Settings
- chrome://settings/
- Select Advanced...
- Select Manage Certificates
- Select Authorities
- Select Import
- Browse to your cer file/s and import individually
- Select Done
- Restart Chrome