UN ICC Certificate Services
The following root certificate can be downloaded.
Any system using this service will required HTTP access to the web site pki.unicc.org. Therefore firewalls should be configured to allow all clients port 80 access to this web site.
Installing the Root Certificate
Windows Active Directory
The root certificate can easily be installed in your Active Directory forest, the certificate will then be distributed to all domains and computers in your forest.
Installation Steps:
- Logon with an Administrator account, that has the following rights:
- Enterprise Admin
- Domain Admin
- Download the Root Certificate
- From an evaluated command prompt run the following command:
- certutil -dspublish -f "UN International Computing Centre Certificate Authority.crt" RootCA
- The result should look like:
C:\> certutil -dspublish -f "UN International Computing Centre Certificate Authority.crt" RootCA
ldap:///CN=UN International Computing Centre Certificate Autho-01685,CN=Certification Authorities,CN=Public Key Services,CN=Services,CN=Configuration,DC=unicc,DC=org?cACertificate
Certificate added to DS store.
ldap:///CN=UN International Computing Centre Certificate Autho-01685,CN=AIA,CN=Public Key Services,CN=Services,CN=Configuration,DC=unicc,DC=org?cACertificate
Certificate added to DS store.
CertUtil: -dsPublish command completed successfully.
C:\>
- The certificate will replicate to all Domain Controllers, the availability of the certificate will depend upon your replication schedule and topology.
Windows Standalone or foreign Domain-Joined Computer
To install the root certificate on a Windows computer.
Installation Steps:
- Logon with an Local Administrator account
- Download the Root Certificate
- From an evaluated command prompt run the following command:
- certutil -addstore –f Root “UN International Computing Centre Certificate Authority.crt”
- The result should look like:
C:\Users\Administrator>certutil -addstore -f Root "C:\Users\Administrator\Desktop\UN International Computing Centre Certificate Authority.crt"
Root
Signature matches Public Key
Certificate "CN=UN International Computing Centre Certificate Authority" added to store.
CertUtil: -addstore command completed successfully.