How to manually update root certificates

  • Document ID:KM03573386
  • Creation Date:20-Dec-2019
  • Modified Date:20-Dec-2019
    • Micro Focus Products:
      quality center
      unified functional testing

Summary

How to manually update root certificates on windows for machines which do not have internet access

Question

It may be necessary to manually update root certificates on a Windows machine where the ALM Client certificates still won't allow the client installation

Answer

On a machine with internet access...

 

  1. Open a cmd prompt as admin
  2. Navigate to a folder somewhere, i.e C:\Temp
  3. Type: CertUtil –generateSSTFromWU Rootstore.sst
  4. Current root certificates updates will download and write to the file "Rootstore.sst"
  5. Copy the .sst file from the path in Step 2 to the machine(s) which does not have internet access


On the machine without internet access...

 

  1. Click Start>Run. Alternatively click windows keyboard button + R
  2. Type: certmgr.msc - this opens the certificate manager
  3. Right click on the item "Trusted Root Certification Authorities
  4. Select All Tasks>Import
  5. Click Next
  6. Click "Browse", change the file type in the lower right selection drop-down to "All Files"
  7. Navigate to the location .sst file obtained from the previous set of steps and select the file
  8. Click Next
  9. Specify the radio item "Place all certificates in the following store. "Trusted Root Certification Authorities" should be specified
  10. Click Next, Click Finish - Note: It is necessary to click "Yes" very many times, each for every certificate which resides in the .sst file.
  11. Repeat steps 1-10 except specify the "Trusted Publishers" container for Steps 3 and 9