How to configure certificates in the Windows certificate store

Environment: cloud
• 2 minutes to read
 • 2 minutes to read

Let's look at how to configure your certificates in a Windows certificate store. This is necessary to enable your application to validate all SAML and JWT tokens issued by SuperOffice CRM Online.

In this procedure, you will need the 3 SuperOffice development environment certificates

x

You find these in the certificates download. SuperOfficeOnline.crt is stored in the RootCertificate folder, the 2 trusted people certificates are stored in the environment folder.

This procedure must be completed on all computers that will be hosting your application in all 3 environments: development, stage, and production. If you don't have access to the certificate store, you need to implement a programmatic override to validate the certificates.

Import root and environment certificates

Pre-requisites:

To import certificates:

  1. Open the Microsoft Management Console (MMC).

  2. Select Certificates (Local Computer).

  3. Start the certificate import wizard:

    1. Right-click Trusted Root Certification Authorities
    2. Point to All Tasks
    3. Select Import
    4. Click Next

    x -screenshot

  4. Select the certificate file from disk and click Next.

    x -screenshot

  5. Select Place all certificates and click Next.

    x -screenshot

  6. Click Finish.

    x -screenshot

Note

Remember to step through this procedure for both SuperOfficeRoot.crt and the SuperOffice{Environment}.crt certificates!

Import subject (login) certificates

Pre-requisites:

  • you have added the Certificates snap-in
  • you have imported the root and environment certificates

To import subject certificates:

  1. Open the Microsoft Management Console (MMC).

  2. Select Certificates (Local Computer).

  3. Start the certificate import wizard:

    1. Right-click Trusted People
    2. Point to All Tasks
    3. Select Import
    4. Click Next

  4. Select SuperOfficeFederatedLogin.crt from disk and click Next.

  5. Select Place all certificates and click Next. Then click Finish.

How do I verify that certificates are configured correctly?

On the computer in each hosting environment:

  1. Open MMC.
  2. Select Certificates (Local Computer).
  3. Select the certificates folder of Trusted People.
  4. Select the federated login certificate for your environment.
  5. Verify the hierarchy on the Certificate Path tab.
  6. Verify the thumbprint on the Details tab.

x -screenshot

Note

Following image shows Stage certificate

x -screenshot