How to add a root CA certificate into "cert8.db" file using Mozilla "certutil" tool? I have exported a root CA certificate file in PEM format

If you want to add a root CA certificate into a "cert8.db" file from a certificate file, you can use the Mozilla "certutil -A -i" command as shown in this tutorial:

1. Run Firefox 9 and start the certificate manager.

2. Click "Authorities", find "GeoTrust Global CA" and export it into "GeoTrust_CA.pem".

3. Run Mozilla "certutil" command below to import in your own cert8.db file:

C:\fyicerter>\fyicerter\nss\bin\certutil -A -d .\
-i GeoTrust_CA.pem -n "GeoTrust Global CA" -t "C,,"

C:\fyicerter>\fyicerter\nss\bin\certutil -L -d .\

GeoTrust SSL CA                                              ,,
GeoTrust Global CA                                           C,,

What you are getting from this tutorial:

• "-A" command adds a certificate to the certificate database.
• "-d .\" specifies the directory where the database, cert8.db, is located.
• "-i GeoTrust_CA.pem" specifies the input root CA certificate file.
• '-n "GeoTrust Global CA"' specifies a name for this certificate.
• '-t "C,,"' specifies trust arguments: "trusted CA to issue server certs" for SSL category. No trust for email and object signing categories.