When you request SecureNT Intranet SSL, we send you an email with a zip file containing the files listed below.

1. Issued SSL Certificate (File: server.cer)
2. Private key (File: serverkey.cer) (Note: If you have shared CSR then this file is on your server where you generated the CSR. So, so it is not included.)
3. SecureNT Intranet Root Certificate (File: SecureNT Intranet Root CA.cer)
4. SecureNT Intranet Intermediate Certificate (File: SecureNT Intranet Intermediate CA.cer)
5. SecureNT CA Bundle – Root+Intermediate (File: SecureNT CA-Bundle.cer) (optional)
6. Issued SSL Certificate with the Root Certificates and Private Key in PFX (P12 or PKCS#12) format (File: server.pfx) (Note: If you have shared CSR then you get issued Certificate with CA roots in p7b format. File: server.p7b)

Let us see what file is used where during the installation.

  1. Server: This is the server that hosts your web application. On the server, you must install the issued cert (server.cer #1) as well as the two CA Certificates (SecureNT Intranet Root CA.cer #3 and SecureNT Intranet Intermediate CA.cer #4). If the CSR was not generated on the server, you will have to install the Private Key (serverkey.cer #2) also. Installation of the server.pfx #6 (or  server.p7b) typically accomplishes this task because it contains all 4 or 3 of these files.

    But frequently, things are not straightforward. The installation procedure may vary based on the operating system and web server being used. On this subject, there is a tonne of information online, so it won’t be rehashed here. Send us an email at support@intranetssl.net with specifics if you run into any problems.

  2. Client machines: These are the machines that are going to access the web application hosted on the server. On each of them, you must install the SecureNT CA root certificates (SecureNT Intranet Root CA.cer #3 and SecureNT Intranet Intermediate CA.cer #4) once. Therefore, they must be manually installed by going to each PC and doing the certificate import, or if you have Microsoft Group Policy, you can easily install them on each of the client PC.

    SecureNT CA-Bundle.cer (#5) has both CA Certificates in a single file but most client operating systems (Windows 10 or macOS) don’t allow them to install in a single step. We have provided this file because some PKI tools require it during the installation.

In case, you require SecureNT CA certificates, click on the links below to download them.

  1. SecureNT Intranet Root CA Certificate
  2. SecureNT Intranet Intermediate CA Certificate
  3. SecureNT Intranet Chained CA Certificate Bundle (both root & intermediate certificates are there in a single file)

After the download, rename the file extension from “.txt” to “.cer” or whatever name you want. Downloaded root files are in DER format. In case you require them in PEM (txt) format send mail to support@intranetssl.net

Steps to install SecureNT Intranet Root Certificates on Windows PCs

  1. Right-click on the file name in Windows Explorer. Click on “Install Certificate”.
  2. You will see “Do you want to open this file?” Click “Yes.”
  3. You will see “Certificate” Click on “Install Certificate”
  4. You will see “Welcome to the Certificate Import Wizard” Against the Store location select “Local Machine” and click “Next”.
  5. You will see “Do you wish to allow this app to make changes to your device?” Click “Yes”
  6. You will see “Certificate Import Wizard – Certificate Store” Select “Place all the certificates in the following store”. Click “Browse”.
  7. You will see “Select Certificate Store”. For “SecureNT Intranet Root CA.cer” select “Trusted Root Certification Authorities” and for “SecureNT Intranet Intermediate CA.cer” select “Intermediate Certification Authorities”. Click “Next”. Click “Finish”

In case you wish to install the Root Certificates on multiple Windows PCs or in the Firefox browser read our blog here.


How to add the root certificate to Mac OS X

  1. Double-click the certificate file (with the “.cer” extension). It will start the “Keychain Access” app. Under “Add Certificate” against “Do you want to add the certificates from the file “SecureNT Intranet Root CA.cer” to a keychain?” Choose “System” from the keychain option. Then press “OK”
  2. The window pops up “Do you want your computers to trust certificates signed by <root CA> from now on? click the “Always Trust” button.
  3. Then you will see under “Keychain Access” that the certificate is added to the system entry.

Repeat the above steps for each Certificate.

In case you wish to install the Root Certificates on multiple OS X client Macs or in the Firefox browser read our blog here.

Comodo SSL