SECURING
Trusted root certificates allow web servers to accept the trusted root certificates from connecting clients. Trusted root certificates are also useful for automatically completing partial certificate chains presented by CAs.
About this task
You create Trusted Root documents in the Trusted Roots view of certstore.nsf to store the trusted root certificates and then select them when you generate TLS certificates.
Note: Let's Encrypt trusted roots for both the Production and Staging environments are included in certstore.nsf and are added automatically to TLS certificates that are generated by the Let's Encrypt CA.
To add a trusted root certificate:
Procedure
1. Open certstore.nsf.
2. Select the Trusted Roots view.
4. Copy the certificate to the clipboard and then click Paste Certificate.
5. Click Submit Request to add the trusted root certificate to the Trusted Roots view.
What to do next
When you request a TLS certificate, select the Security/Keystab of the TLS Credentials document. In the Trusted Rootsfield, select the trusted root certificate you added.
You can also add a trusted root certificate to an existing TLS Credentials document. The trusted root certificate is in effect right away.
Parent topic: Managing TLS certificates with Certificate Manager