Install Internet Explorer 7 Certificate

Internet Explorer 7 adds security features that change the way that the browser handles Cisco certificates for website access. Because Cisco provides a self-signed certificate for the Cisco Unified Communications Manager or Cisco Unity Connection server, Internet Explorer 7 flags the Cisco Unified Communications Manager Administration or Cisco Unity Connection website as untrusted and provides a certificate error, even when the trust store contains the server certificate.


Note

Internet Explorer 7, which is a Windows Vista feature, also runs on Windows XP Service Pack 2 (SP2), Windows XP Professional x64 Edition, and Windows Server 2003 Service Pack 1 (SP1). Java Runtime Environment (JRE) must be present to provide Java-related browser support for IE.

Be sure to import the Cisco Unified Communications Manager or Cisco Unity Connection certificate to Internet Explorer 7 to secure access without having to reload the certificate every time that you restart the browser. If you continue to a website that has a certificate warning and the certificate is not in the trust store, Internet Explorer 7 remembers the certificate for the current session only.

After you download the server certificate, Internet Explorer 7 continues to display certificate errors for the website. You can ignore the security warnings when the Trusted Root Certificate Authority trust store for the browser contains the imported certificate.

The following procedure describes how to import the Cisco Unified Communications Manager or Cisco Unity Connection certificate to the root certificate trust store for Internet Explorer 7.

Procedure
    Step 1   Browse to application on the Tomcat server by entering the hostname (server name) or IP address in the browser.

    The browser displays a Certificate Error: Navigation Blocked message to indicate that this website is untrusted.

    Step 2   To access the server, click Continue to this website (not recommended)

    The administration window displays, and the browser displays the address bar and Certificate Error status in red.

    Step 3   To import the server certificate, click the Certificate Error status box to display the status report. Click the View Certificates link in the report.
    Step 4   Verify the certificate details.

    The Certification Path tab displays "This CA Root certificate is not trusted because it is not in the Trusted Root Certification Authorities store."

    Step 5   Select the General tab in the Certificate window and click Install Certificate.

    The Certificate Import wizard launches.

    Step 6   To start the wizard, click Next.

    The Certificate Store window displays.

    Step 7   Verify that the Automatic option, which allows the wizard to select the certificate store for this certificate type, is selected and click Next.
    Step 8   Verify the setting and click Finish.

    A security warning displays for the import operation.

    Step 9   To install the certificate, click Yes.

    The Import wizard displays "The import was successful."

    Step 10   Click OK. The next time that you click the View certificates link, the Certification Path tab in the Certificate window displays "This certificate is OK."
    Step 11   To verify that the trust store contains the imported certificate, click Tools > Internet Options in the Internet Explorer toolbar and select the Content tab. Click Certificates and select the Trusted Root Certifications Authorities tab. Scroll to find the imported certificate in the list.

    After importing the certificate, the browser continues to display the address bar and a Certificate Error status in red. The status persists even if you reenter the hostname or IP address or refresh or relaunch the browser.