Install Supporting Certificates for Email, Client Authentication, and Document Signing on Windows 10

How to install supporting certificates (intermediate and root) for email, client authentication, and document signing certificates.

Related Content

Want to keep learning?

Subscribe to SSL.com’s newsletter, stay informed and secure.

If you are having problems using one of SSL.com’s Email, Client Authentication, and Document Signing certificates, it’s important to make sure that all necessary supporting (intermediate and root) certificates are installed on your system. This how-to will step you through retrieving these certificates and installing them in MMC on Windows 10.
Note: If you are using an certificate installed on a YubiKey or other secure token, it is still necessary to install these supporting certificates on your computer.
  1. Log into your SSL.com user account and navigate to your certificate order, then click the download link. download
  2. Find the certificate download by platform table, then click the download link for Other platforms. download
  3. Download the zip file. Save file
  4. Locate the zip file on your computer, then unzip it by right-clicking it and selecting Extract All… from the menu, then clicking the Extract button in the window that opens. Extract All...
  5. Open MMC on your computer. You can find it by typing “mmc” into the Windows search bar. Open MMC
  6. Choose File > Add/Remove Snap-in… from the menu. File data-lazy-src=
  7. Make sure Local Computer is selected, then click the Finish button. Select Local Computer, then click Finish
  8. Click the OK button to close the Add or Remove Snap-ins dialog box. OK button
  9. Select Certificates (Local Computer) from the left-hand pane. Certificates (Local Computer)
  10. Right-click Intermediate Certification Authorities, then select All Tasks > Import… from the menu. Import
  11. The Certificate Import Wizard will open. Thick the Next button. Next button
  12. Click the Browse button. Browse button
  13. In the file open dialog, navigate to SSL_COM_CLIENT_CERTIFICATE_INTERMEDIATE_CA_RSA_R2.crt in the unzipped folder from step 4, above, and click the Open button. Open intermediate certificate
  14. Click the Next button.
  15. Click the Next button again to accept the certificate store location. Next button
  16. Click the Finish button. Finish button
  17. Click the OK button. OK button
  18. Next, navigate to Trusted Root Certification Authorities > Certificates, and make sure that the following certificates are installed:
    • Certum Trusted Network CA
    • SSL.com Root Certification Authority RSA (issued by SSL.com)
    • SSL.com Root Certification Authority RSA (issued by Certum)
    Trusted Root Certification Authorities
  19. If any of these certificates are missing, right click on Trusted Root Certification Authorities > Certificates, select All Tasks > Import… from the menu, then repeat steps 12 to 18 for any missing root certificates:
    • For missing Certum root, install CERTUM_TRUSTED_NETWORK_CA.crt.
    • If either SSL.com root is missing, install SSL_COM_ROOT_CERTIFICATION_AUTHORITY_RSA.crt.
    Import
  20. Close MMC by selecting File > Exit from the menu. Exit
  21. Click the No button to dismiss the dialog box. Alternately, you can click Yes and create a filename to save your MMC settings for later use. No button
Thank you for choosing SSL.com! If you have any questions, please contact us by email at Support@SSL.com, call 1-877-SSL-SECURE, or just click the chat link at the bottom right of this page. You can also find answers to many common support questions in our knowledgebase.

Stay Informed and Secure

SSL.com is a global leader in cybersecurity, PKI and digital certificates. Sign up to receive the latest industry news, tips, and product announcements from SSL.com.

We’d love your feedback

Take our survey and let us know your thoughts on your recent purchase.