Manually importing a certificate into a User Trust Store

If your System Trust Stores already contain the root CA certificate of the CA (Certificate Authority) that signed your intermediate, server or code-signing certificates, you do not need to import anything. If you are serving as your own CA, you must import the root CA certificate you exported (without its private key) into the User Trust Store of each client. Each platform and station share the same stores. This procedure documents how to manually import the root CA certificate into an individual client.

The focus is on the User Trust Store in the appropriate stores location, which would be the platform/station User Trust Store for a server certificate and the Workbench User Trust Store for a code-signing certificate.
Note: There is no need to import the server certificates or the intermediate CA certificates to any User Trust Store. Each signed server certificate carries within it any intermediate and root CA certificate information.
  1. Select the User Trust Store tab.
  2. Click Import.
  3. Locate and select the root CA certificate's .pem file on the thumb drive and click Open.
    The Certificate Import window opens.
  4. Confirm that the Subject property identifies the correct certificate and click OK.
    The system imports the certificate, identifying it with a green shield icon ()
You may repeat this procedure for each client platform/station, or use a provisioning job to automate the process.