Skip to main content

Installation of mTLS Certificates for the Hybrid Solution of docu tools (on-premise)

Updated over 3 weeks ago

Target Audience

This guide is intended for administrators and end users of your company who use the hybrid version of docu tools where access to a data storage is via Mutual-TLS (mTLS) and a .p7b and a .p12 File are offered for download in the web application dialog window.

Prerequisites

  • You have downloaded the Files Zertifikat.p7b (certificate chain) and Zertifikat.p12 (client certificate with private key) from the dialog window of the web application.

  • The .p12 File is not Password protected.

  • You are using Windows or macOS with one of the following browsers: Microsoft Edge, Google Chrome, Mozilla Firefox.

  • You have sufficient permissions to Import certificates.

Note: The .p7b File contains the certificate chain, the .p12 File the personal client certificate. Both must be installed for the mTLS connection to work.

1. Installation of the Certificate Chain (.p7b)

Windows

  1. Open certmgr.msc or the Certificate Snap-In in the MMC.

  2. Import the .p7b File under "Intermediate Certification Authorities" or "Trusted Root Certification Authorities".

  3. Choose "Place all certificates in the following store" or let it choose automatically.

macOS

  1. Double-click on the .p7b File.

  2. Select "System" or "login" keychain.

  3. Confirm the Import with your macOS Password.

2. Installation of the Client Certificate (.p12)

A) Windows (Edge / Chrome)

  1. Open the browser → Settings → Privacy and Security → Security → "Manage certificates".

  2. Switch to "Personal Certificates" → "Import".

  3. Select the .p12 File.

  4. Since no Password is required, Click directly on Next.

  5. Let the store choose automatically or select "Personal Certificates".

  6. Complete Import → restart browser.

B) macOS (Edge / Chrome)

  1. Double-click on .p12 File → Keychain Access opens.

  2. Choose keychain "login" or "System".

  3. No Password is needed → certificate is directly Imported.

  4. Restart the browser → open docu tools → select certificate.

Firefox (Windows/macOS)

  1. Firefox → Settings → Privacy & Security → "View Certificates".

  2. Tab "Your Certificates" → "Import" → select .p12 File.

  3. No Password is required.

  4. Optional: Set a master Password, if desired.

  5. Restart browser.

3. Browser Overview

Browser

Storage Location and Special Features

Edge / Chrome

Use system certificate store (Windows/macOS)

Firefox

Own certificate store – Import separately in the browser

4. Verification and Testing

  • Open the web application of docu tools.

  • When accessing, a dialog to select the certificate appears.

  • Select your client certificate → access should be possible.

Troubleshooting Problems:

  • Incorrect or expired certificate?

  • Certificate chain not installed?

  • Browser restarted?

  • Certificate in the wrong storage location?

5. Renewal / Replacement of Certificates

  • Remove the old certificate from the certificate store.

  • Install the new .p12 certificate as described above.

  • Update the .p7b certificate chain if necessary.

6. Common Sources of Error

  • Certificate in the wrong storage location (e.g., "Other People").

  • .cer instead of .p12 → no private key → does not work.

  • Browser not restarted after Import.

  • macOS asks in keychain for "Always Allow" → take note.

7. Summary

Step

Description

1. Install Certificate Chain

Import .p7b (optional, depending on IT setup)

2. Install Client Certificate

Import .p12 File

3. Check Browser

Depending on the browser: Note Edge, Chrome, or Firefox

4. Test Access

Open docu tools → select certificate

For further questions, please contact your IT department or the support of docu tools.

Related Articles
Working Offline with the docu tools App
docu tools App for Mobile Devices
Deleting in docu tools
How to Save Contacts in docu tools?
Did this answer your question?