How to install a digital certificate step by step

How to install a digital certificate step by step


In this guide we will show you how to install a digital certificate step by step in Windows 10 , something that will help us, for example, to install the FNMT certificate that we explained a few days ago how to obtain , but that will also be used for any other digital certificate that we need to install, something that can happen in some cases of teleworking if we have to access corporate networks from our home , for example.

We emphasize that this guide begins at the stage in which we already have the certificate itself downloaded to our computer and easily located , so that it is much easier to find during the process, recommending short routes or having a direct access available, such as it would be the desktop or the Documents folder.

In the event that, for example, we need the FNMT certificate, we can access this guide in which we tell you step by step how to obtain this certificate that will allow us, for example, to carry out tax procedures online, as well as obtain certain documents without having to go to an administrative office , something that will save us large amounts of time on certain occasions.

Run the certificate import wizard

It should be noted that we can access the Windows certificate import wizard by opening an execution window by pressing the Windows + R keys and typing "certmgr.msc" , something that will open the certificate manager where we can browse all the installer certificates and add a new certificate, but the steps will be more complicated, inconsistent between versions of Windows, and finally lead us to the same result, so in this guide we will use a simpler way to install the certificates.

The first thing we will need is to access the certificate, because simply by double clicking on the certificate file with the PFX, P12, P7B or SST extension, the certificate import wizard will automatically open, something that will guide us through the entire process. providing us with different options along the way to customize the behavior of the certificate itself as much as possible.

When the wizard is run, we will see a window that is basically a welcome to the wizard, and allows us to start configuring the import of the certificate that we have opened, requesting the location of the certificate store that we want to use.

In the case of private certificates such as that of the FNMT, it is advisable to limit yourself to using the current user store –by first logging in to the user account that will use this certificate– even if it were a certificate of a different nature that should be used by multiple users on the computer, we can select the local computer store.

Start importing the certificate

Once we have selected the store that we want to use, we will be asked to confirm which is the certificate we want to import, which we can do, as we have mentioned, in the .PFX, .P12, .P7B and .SST formats , so that we will have to make sure we have a certificate in a format that Windows can correctly recognize when importing it.

In the event that we have a certificate in the wrong format, we can try to request a certificate that meets the necessary requirements , or we can try to use some type of converter, something that we can find both in the form of an application and in the form of a service online, the latter being less recommended depending on the type of certificate with which we are working for the treatment of sensitive data.

In general, the import wizard should automatically locate the certificate we want to import , since when it is opened by double clicking on the certificate itself, the wizard should load the path automatically.

In the event that this is not the case, we will simply have to click on Examine and from there we can manually select where the certificate is located , and once this is done, we will click on Next.

Certificate security

Digital certificates are mainly used to identify us as natural persons on a network , so it is possible that they arrive with a password that we have to enter to install the certificate.

This password will be requested by the wizard in order to allow us to install the certificate, so that it can verify that we are the legitimate owner of it.

Under the password option, we find a sub section of import options, where we will find some security options that can serve us mainly to be more aware of when and where the certificate is used, in addition to deciding if the keys can be exported to backup or not.

Depending on the type of certificate, we recommend activating at least the first option , so that if an unexpected application tries to access our certificate without any reason to do so, we can be aware and stop this behavior immediately until we know the reason for same.

Certificate store selection

In this last step we will be asked to select a certificate store , something that, although it can be confused with the first step, where we were asked if we wanted to use a local user store or system store, it is not the same.

In this way we can choose if we use the default system locations for them or if, on the contrary, we need the certificates to be stored in a different location for some reason.

For the average user, we recommend leaving this option by default , since this configuration will allow us to locate the stores more easily, although we also have the option of adding an additional layer of security by placing the certificate store on an external drive that we can remove when we are not in front of the team.

With this last step, we will click on Next and we will see a summary of the actions taken , the type of certificate that we have installed and the file name of the certificate itself, so that we can confirm that it has already been installed and is ready to work in the web pages, networks or applications that need it to authenticate the user of the service. We can access the certificate manager that we mentioned at the beginning of the guide to check if it is really installed correctly , but again, by accessing the service that requires the certificate we can know if it really works and is detected by the rest of the applications or not.

Post a Comment