To resolve this error, perform the following steps:
- Go to www.thawte.com/roots to download the root you require. Create a new text file (example.txt) and paste the certificate information into it, save and close.
- Rename the text file to example.cer.
- Open example.cer file, Windows automatically associate it as an X.509 certificate and opens it with the Certificate Viewer.
- Switch to the "Certification Path" tab. This tab shows the hierarchy of the certificate screen capture of Certificate dialog
- Choose the CA and click "View Certificate." You see a new Certificate dialog for the CA itself.
- Switch to the "Details" tab, click "Copy to File." This opens the Certificate Export Wizard.
- Click "Next." Choose "Base-64 encoded X.509 (.CER)." Click "Next." Choose a file name (c:\exampleca.cer). Click "Next." Click "Finish."
After you have the root certificate, perform the following steps:
- 1. Open the Server Certificate Administration database. Choose step 3 "Install Trusted Root Certificate into Key Ring"
- Fill out the fields as shown in the screen capture below, changing the kyr file to the correct name (which should be the correct name by default). The Certificate Label is purely informational, a best practice is to match it to the name of the CA issuer's common name.
- Click "Merge Trusted Root Certificate into Key Ring" and follow the prompts. This step imports the trusted root.
* If you clicked OK when first receiving the "Unrecognized Certificate Authority signature" message, then the key file ring is ready and all steps are complete.
* If you clicked Cancel to the message dialog, you need to repeat "Install Certificate into Key Ring" in the Server Certificate Administration database.