Skip to main content
日本語 简体中文 繁體中文

Installation Manual of Root Certificate for HDE One Directory Sync Tool

1. Background

In order for the On-Premise Active Directory server to synchronize user and password information with the HENNGE Access Control cloud service, a Root Certificate is required to be installed into the server. This manual instructs you on the installation of Root Certificate.

2. Precautions

In order for HENNGE Directory Sync Tool to be installed, Admin permissions of the Active Directory server are required.

3. Procedures

For the server that has the HENNGE Directory Sync Tool installed, both [ AddTrust External CA Root ] and  [ Amazon Root CA 1 ] certificates are required to be installed.
Please follow the [ Prerequisite ] manual first, then follow the manual according to the version of the server that the HENNGE Directory Sync Tool is installed.

This server certificate is used very commonly, and there are no issues or security reports related to this certificate.
The server will not require any downtime on the server machine. (There will not be any restart of the server required.)

Prerequisite: Download the Certificate+

※ Please operate the procedures in this manual in your local client.

 

Step 1. Access the following URL, and download the [ AddTrust External CA Root ] certificate.

 

AddTrust External CA Root.cer

 

 

 

Step 2. Access the Amazon Trust Services Repository Web Page.

 

Open the Browser and access the URL below.

https://www.amazontrust.com/repository/

 

 

 

Step 3. Download the Amazon Root CA 1 Server Certificate.

 

Download the certificate [ Amazon Root CA 1 ] under the [ Root CAs ] certificates, and download the version DER onto your server.

Download the AmazonRootCA1.cer certificate.

 1_edited.png

 

 ※ The following screenshot is an example of using the "Internet Explorer" Browser to download the certificate, the actual screen may differ according to your environment.

2_edited.png

 

 

 

Certificate Installation Procedure (Windows Server 2016)+

Step 1. Login to the server with an Admin account.

 

 1_edited.png

 

 

Step 2. Click on [ Start ] menu and input [ mmc ], look for the [ mmc.exe ] in the search results and click on it.

 

 2_edited.png

 

 

Step 3. Click on the [ File ] on the top menu of the MMC Window

 

 3_edited.png

 

 

Step 4. Click on the [ Add/Remove Snap-in... ].

 

 4_edited.png

 

 

Step 5. Look for [Certificates] in the [ Add or Remove Snap-ins ].

 

 5_edited.png

 

 

Step 6. Click on [ Add > ].

 

 6_edited.png

 

 

Step 7. Click on [ Computer account ], and click on [ Next > ].

 

 7_edited.png

 

 

Step 8. Click on [ Local Computer ], and click on [ Finish ].

 

 8_edited.png

 

 

Step 9. Ensure that the [ Certificates (Local Computer) ] is already added, and click on [ OK ].

 

 9_edited.png

 

 

Step 10. In the [ Console Root ], look for [ Certificates (Local Computer) ] and click on it.

 

 10_edited.png

 

 

Step 11. Double click on [ Trusted Root Certification Authorities ].

 

 11_edited.png

 

 

Step 12. Click on [ Certificates ].

 

 12_edited.png

 

 

Step 13. Check to see if both certificates [ AddTrust External CA Root ] and [ Amazon Root CA 1 ] are found under the certificates console.

 

If both [ AddTrust External CA Root ] and [ Amazon Root CA 1 ] certificates are found, the operation is completed.
You can now close the Microsoft Management Console Window and the operation has been completed.

If either [ AddTrust External CA Root ] or [ Amazon Root CA 1 ] are not found, please follow the following steps.

 

 13_edited.png

 

 

Step 14. Please prepare the two certificates mentioned in the previous steps mentioned in the [ Prerequisites ] operation.

 

 1.certification_desktop_edited.png

 

 

Step 15. Double click on the certificate to be installed and click on the [ Install Certificate ].

 

 2.certification_install_edited.png

 

 

Step 16. Click on [Local Machine], and click on [ Next > ].

 

 3.certification_install_2_edited.png

 

 

Step 17. Select the [ Automatically select the certificate store based on the type of certificate ], and click on [ Next ].

 

 4.certification_install_3_edited.png

 

 

Step 18. Click on [ Finish ].

 

 5.certification_install_4_edited.png

 

 

Step 19. Wait for the [ The Import was successful ] message, and click on [ OK ].

 

 6.certification_install_5_edited.png

 

 

Step 20. Perform the procedures described from 15 to 19 for the other certificate.

 

 

Step 21. Perform procedures Step 2 to 13 again to check if both [ AddTrust External CA Root ] and [ Amazon Root CA 1 ] are both present.

 

7.certification_mmc_edited.png


The procedure has been finished for certificate installation.
Please close the Microsoft Management Console Window and complete the operation.