Configure trusted root CA
Trusted root CAs to can be used to avoid man in the middle attacks. During this task we add a Trusted root CA on the Windows client.
This and similar integrations required either CA provided or self signed certificates.
Obtain client and server certificates from a known certificate authority such as DigiCert, Comodo SSL or other authorities.
Okta does not endorse any specific certificate authority.
To add a certificate to Trusted root CA in windows 10:
- Open the Microsoft Management Console, or MMC.
- From the file menu select File > Add/Remove Snap-in.
- In the Add/Remove Snap-in dialog, in the Available snap-ins section, select Certificates and click Add.
- In the Certificates snap-in dialog, select Computer account and click Next.
- In the Select Computer dialog, select Local computer and click Finish.
- Click OK.
- Navigate to Console Root > Certificates (Local Computer) > Personal.
- Right click Personal and select All Tasks > Import.
The Certificate Import wizard will start.
- Click Next.
- Enter the fully qualified path or use the Browse button to navigate to the directory containing the certificate.
- Select the certificate and click Next.
- Click Finish. The certificate will be imported.
- From Certificates (Local Computer)>Personal>Certificates select the newly added certificate and drag it to
to Certificates (Local Computer)>Trusted Root Certification Authority>Certificates
The new certificate has been successfully added as a trusted root certificate.