How to import CA certificates

Following industry standards, Dynatrace software installers and device drivers for Microsoft operating systems are digitally signed using a commercial code signing certificate from a trusted certificate authority (Verisign or Thawte). Code signing certificates require the use of a primary root and intermediate certificate authority (CA) certificate to ensure that the signed code is fully trusted by users.

As a result, the Dynatrace product installation process requires the presence of a primary root and intermediate CA certificate in the target client or server's local computer certificate store. If not present, the primary root and intermediate CA certificates are downloaded during the installation process using Microsoft's automatic root update mechanism, which requires an Internet connection. For more information about the Windows Root Certificate Program, refer to http://support.microsoft.com/kb/931125.

If the installer does not detect these certificates on the target installation client or server and an internet connection is not available, an Error 1330 message indicates that an invalid digital signature error has occurred. In this case, you must download and manually install the primary root and intermediate root certificates prior to performing a product installation.

To import the required CA certificates, perform the following steps:

Log in as an administrator on the target installation client or server.

Download the primary root CA certificate.

Go to: https://www.thawte.com/roots/.

The thawte root certificates page is displayed.

Under Root 1 - Primary Root CA, right-click Download Root Now.

Save the file to the Desktop and change the file name to thawte_Primary_Root_CA.cer .

Import the primary root CA into the certificate store.

Double-click thawte_Primary_Root_CA.cer .

The Certificate window is displayed.

On the General tab, click Install Certificate.

The Certificate Import Wizard is displayed.

Click Next to continue.

Select Place all certificates in the following store, and then click Browse.

The Select Certificate Store window is displayed.

Select the Show physical stores check box.

Select Trusted Root Certification Authorities  ► Local Computer, and then click OK.

Click Next to continue.

Verify that the destination of the certificate is correct.

Click Finish to complete certificate import.

A message indicates that the import was successful.

Download the intermediate root CA certificate.

Go to: https://search.thawte.com/support/ssl-digital-certificates/index?page=content&id=AR1406.

The Download the Thawte Intermediate and Cross Root CAs for Code Signing certificates page is displayed.

In the text box under Code Signing Intermediate CA, save the text to the Desktop in a file named thawte_Intermed_Root_CA.cer .

Import the intermediate root CA into the certificate store.

Double-click thawte_Intermed_Root_CA.cer .

The Certificate window is displayed.

On the General tab, click Install Certificate.

The Certificate Import Wizard appears.

Click Next to continue.

Select Place all certificates in the following store, and then click Browse.

The Select Certificate Store window is displayed.

Select the Show physical stores check box.

Select Intermediate Certification Authorities  ► Local Computer, and then click OK.

Click Next to continue.

Verify that the destination of the certificate is correct.

Click Finish to complete certificate import.

A message indicates that the import was successful.