This is an old revision of the document!
The certificate authority(CA) which issued IBG's website certificate has had their own certificate expire. They have issued a new certificate, but the new certificate is not yet incorporated into many web browsers. Web browsers that do not have the new certificate will show a security warning. To avoid this warning the new CA certificate must be installed in your browser.
To install the new certificate, go to the CA's website at http://certs.ipsca.com/Support/hierarchy-ipsca.asp and then click the ipsCA Global CA Root
link at the bottom of the page:
Or, click here to install the certificate directly from their page.
That will bring up a dialog box. Check the box for Trust this CA to identify web sites
and then click OK
.
Installation of the updated certificate in Thunderbird requires downloading the certificate, and then importing it.
ipsCAGlobal.crt
file to a convenient location.Tools
or Edit
menu and select Preferences
(different versions of Thunderbird put Preferences
in different locations).Advanced
button.Certificates
tab.View Certificates
button.Authorities
tab.Import
button.ipsCAGlobal.crt
file which you previously saved.Trust this CA to identify web sites
.OK
on the Downloading Certificate window.OK
on the Certificate Manager window.Close
on the Thunderbird Preferences window.Microsoft has included the updated ipsCA certificate in their root certificate update pack. The updated pack can be installed through the normal Microsoft Update procedures, or downloaded directly from Microsoft.
Windows 7 and Windows Vista normally will automatically download updated certificates with no necessary user interaction.
To add the CAcert Root Certificate to Apple Safari, use the Keychain Access application which is shipped with Mac OS X.
To install the certificate system-wide, you need to follow these steps:
ipsCAGlobal.crt
file. The Keychain Access application will be launchedGoogle Chrome uses the native operating system to handle certificates. Follow the instructions to make sure that Microsoft Windows or Mac OS X has the new certificate. However, in the version of Google Chrome available as of this writing (3.0.195.38) there is a bug which requires clearing the cache to properly validate the new certificate if the website was visited while the old certificate was in place.
If you visit the IBG secure website and there are no errors or warnings, then nothing else needs to be done.
If after updating your operating system the Chrome address bar shows a red https:
with a line through it, then follow these steps to force Chrome to reload the certificate.
Clear browser data
Empty the cache
is selectedClear data from this period:
to Everything
Clear browsing data
Options
Under the hood
tabCheck for server certificate revocation
boxClose
Options
Under the hood
tabCheck for server certificate revocation
boxClose