Download and Install Real Time Logic's Root Certificate

New to Certificate Management?

We recommend reading our Certificate Management for Embedded Systems tutorial if you are new to SSL and certificate management.

All browsers will show a certificate warning when the certificate provided by the HTTPS (secure web server) is not trusted. A browser will not trust an HTTPS server unless the following conditions are fulfilled:

  • The certificate must be valid and not expired.
  • The certificate must have been signed by a trusted third party, i.e. signed by a Certificate Authority (CA) whose public root certificate is stored in the browser's certificate store.
  • The domain name entered in the browser's address bar must match the domain name in the certificate.

All SharkSSL enabled products and demos delivered by Real Time Logic include a certificate that is digitally signed by Real Time Logic's root certificate. This certificate is not in your browser's certificate store unless you have previously installed it. The following instructions are for installing Real Time Logic's root certificate.

If you are a device manufacturer, you should check out the article:
Why You Need Automatic Certificate Management for Embedded Web Servers.

How to install the Real Time Logic root certificate

Internet Explorer (IE), Chrome, and Opera (for Windows):

IE, Chrome, and Opera use the Windows Certificate Store. The following instructions are for installing a certificate in the Windows Certificate Store. IE and Chrome will automatically load certificates from the Windows Certificate Store.

  1. Download the Real Time Logic Root Certificate (.p12 PKCS#12 format)
  2. Double click the downloaded certificate file CA_RTL_RSA_2048.p12
  3. The Windows certificate import wizard opens
  4. Complete the import wizard
    • On the Password page: leave the password field blank and click the Next button


  1. Download the Real Time Logic Root Certificate (.cer PEM format)
  2. The Firefox certificate import wizard should open automatically
  3. Check (enable) "Trust this CA to identify websites"
  4. Click the OK button to install the root certificate

The Certificate Domain Name

Our certificates are signed for the domain name localhost, "device", or "target". The domain name localhost is used for Real Time Logic's server products and demos designed for a host system such as Windows. The assumption is that you will use the browser and server on the same host system and that you will navigate to https://localhost.

The domain name in the certificate must also match the domain name used by the server. The warning shown in the image to the left is when using Chrome to browse directly to Real Time Logic's online server's IP address. See the SharkSSL Demo page for more information.

The certificate signed with the domain name "target" and "device" are designed for embedded devices (or programs not running on localhost). You must edit your hosts file and set the following rule in the hosts file for using the "device" or "target" certificate. target

The IP address must be replaced with the actual target's IP address.

On a Windows 7, the hosts file can be found in: c:\WINDOWS\SYSTEM32\DRIVERS\ETC\hosts