Key Type	RSA 4096-bit
Signature	SHA-256
Valid	2026 – 2076 (50 years)
Subject	O=getaCert - www.getacert.com, L=Seattle, ST=Washington, C=US

Download Current CA Certificate

For users who generated certificates before March 2026. This CA is no longer used for new certificates.

Key Type	RSA 2048-bit
Signature	SHA-256
Valid	2016 – 2038
Subject	O=getaCert - www.getacert.com, L=Seattle, ST=Washington, C=US

Download Legacy CA Certificate

How to Install the Root CA Certificate

Windows

1. Double-click the downloaded .crt file
2. Click Install Certificate
3. Select Local Machine, click Next
4. Select Place all certificates in the following store
5. Click Browse and select Trusted Root Certification Authorities
6. Click Next, then Finish

macOS

1. Double-click the downloaded .crt file to open it in Keychain Access
2. It will be added to the login keychain
3. Find the certificate (getaCert - www.getacert.com), double-click it
4. Expand Trust and set When using this certificate to Always Trust
5. Close the window and enter your password to confirm

Linux (Ubuntu/Debian)

sudo cp getacert.cer /usr/local/share/ca-certificates/getacert.crt
sudo update-ca-certificates

Linux (RHEL/CentOS/Fedora)

sudo cp getacert.cer /etc/pki/ca-trust/source/anchors/getacert.crt
sudo update-ca-trust

Firefox (all platforms)

Firefox uses its own certificate store, separate from the OS.

1. Open Settings → Privacy & Security → Certificates → View Certificates
2. Click the Authorities tab
3. Click Import and select the downloaded .crt file
4. Check Trust this CA to identify websites
5. Click OK

Chrome / Edge (all platforms)

Chrome and Edge use the OS certificate store on Windows and macOS. On Linux:

certutil -d sql:$HOME/.pki/nssdb -A -t "C,," -n "getaCert" -i getacert.cer

Java / JVM

keytool -import -trustcacerts -alias getacert \
  -file getacert.cer \
  -keystore $JAVA_HOME/lib/security/cacerts \
  -storepass changeit

Node.js

export NODE_EXTRA_CA_CERTS=/path/to/getacert.cer