Import Certificate Authority Root Certificate in Google Chrome

From Bonus Bits
Jump to: navigation, search


This article gives the steps to import a CA root certificate into Google Chrome. For example an internal Microsoft CA Root Certificate for your work infrastructure.

The example is using Google Chrome Version 65.0.3325.181 (64-bit) on macOS 10.13.4.

Download CA Cert

There are several ways to acquire the root certificate. Here's one example.

  1. Go to an internal SSL web page that pops up the security warning
  2. Click the lock icon in the browser address bar
  3. Select Certificate invalid link
    Chrome internal cert Import 01
  4. Select a Certificate in the chain starting from the top which should be the CA
  5. Click and drag the certificate icon to a Finder window
  6. It should create a .cer file
    Chrome internal cert Import 02
  7. Repeat for each of the certificates in the chain

Import CA Cert


  1. Open Keychain Access app
  2. Select Keychains System for all users or just login for the current user.
  3. Select Category Certificates
    Chrome internal cert Import 03
  4. Drag and drop the .cer files to the Keychain Access window
  5. When prompted enter your password to modify the Keychain
  6. Right Click the Certificate in the Keychain Access window
  7. Select Get Info
    Chrome internal cert Import 04
  8. Select Trust
  9. Select dropdown menu next to When using this certificate:
  10. Select Always Trust
    Chrome internal cert Import 05
  11. Close info window
  12. Enter password to make change
  13. Repeat for all certificates in the chain
  14. Now the certifcate icons should show a plus sign
    Chrome internal cert Import 06
  15. Restart Chrome
  16. Now the web site should show Secure
    Chrome internal cert Import 07


  1. Open Chrome Settings
  2. Select Advanced...
  3. Select Manage Certificates
  4. Select Authorities
  5. Select Import
  6. Browse to your cer file/s and import individually
  7. Select Done
  8. Restart Chrome