Configure trusted root CA

Trusted root CAs to can be used to avoid man in the middle attacks. During this task we add a Trusted root CA on the Windows client.

This and similar integrations required either CA provided or self signed certificates.
Obtain client and server certificates from a known certificate authority such as DigiCert, Comodo SSL or other authorities.
Okta does not endorse any specific certificate authority.

To add a certificate to Trusted root CA in windows 10:

  1. Open the Microsoft Management Console (MMC).
  2. From the file menu select FileAdd/Remove Snap-in.
  3. In the Add/Remove Snap-in dialog, in the Available snap-ins section, select Certificates and click Add.
  4. In the Certificates snap-in dialog, select Computer account and click Next.
  5. In the Select Computer dialog, select Local computer and click Finish.
  6. Click OK.
  7. Navigate to Console RootCertificates (Local Computer)Personal.
  8. Right-click Personal and select All TasksImport. The Certificate Import wizard starts.
  9. Click Next.
  10. Enter the fully qualified path or use the Browse button to navigate to the directory containing the certificate.
  11. Select the certificate and click Next.
  12. Click Finish. The certificate will be imported.
  13. From Certificates (Local Computer)PersonalCertificates select the newly added certificate and drag it to
    to Certificates (Local Computer)Trusted Root Certification AuthorityCertificates

The new certificate has been successfully added as a trusted root certificate.