Installing the Zyte CA certificate#

On some operating systems or web browsers, using Zyte services like Zyte API may require installing the Zyte CA certificate.

You can tell that is your case when every attempt to use a given Zyte service results in an error about SSL certificate verification.

To install the Zyte CA certificate, get it and follow the instructions below for your operating system or web browser.

Get the Zyte CA certificate#

Download the certificate from here.

Operating systems#

Windows 10#

Press the Win key + R hotkey and input mmc in Run to open the Microsoft Management Console window.
Click File and select Add/Remove Snap-ins.
In the opened window select Certificates and press the Add > button.
In the Certificates Snap-in window select Computer account > Local Account, and press the Finish button to close the window.
Press the OK button in the Add or Remove Snap-in window.
Back in the Microsoft Management Console window, select Certificates under Console Root and right-click Trusted Root Certification Authorities.
From the context menu select All Tasks > Import to open the Certificate Import Wizard window from which you can add the Zyte CA certificate.

More details can be found here.

macOS#

Open Keychain Access window (Launchpad > Other > Keychain Access).
Select System tab under Keychains, drag and drop the downloaded certificate file (or select File > Import Items... and navigate to the file).
Enter the administrator password to modify the keychain.
Double-click the Crawlera CA certificate entry, expand Trust, next to When using this certificate: select Always Trust.
Close the window and enter the administrator password again to update the settings.

Linux#

Install the downloaded Zyte CA certificate file:

sudo cp zyte-ca.crt /usr/local/share/ca-certificates/zyte-ca.crt

Update stored Certificate Authority files:
```
sudo update-ca-certificates
```

Web browsers#

Firefox#

Open Preferences, visit Privacy & Security tab, scroll down to the Certificates section, click View Certificates… button to open Certificate Manager.
Under Authorities tab click Import… button, navigate to the certificate file.
In the opened window (You have been asked to trust a new Certificate Authority (CA)) check the first option Trust this CA to identify websites and click the OK button to finish importing the certificate.
Click the OK button to save settings and exit Certificate Manager.

Chrome#

Click the triple-dot icon in the top right corner and choose Settings.
Scroll to the Privacy and security section and click on Security.
Scroll down to find and click Manage Certificates.
The next steps will depend on the operating system. In the case of macOS, the previous action will open the Keychain Access, see macOS above. In the case of Windows, the Certificates application should appear, select Trusted Root Certification Authorities tab, click Import... button, navigate to the certificate file, verify the import was successful and the installed certificate is displayed under Trusted Root Certification Authorities tab, close the Certificates window.

Tech stacks#

Node.js#

Point the NODE_EXTRA_CA_CERTS environment variable to the Zyte CA certificate.

Python#

To use requests, build a CA bundle and point the REQUESTS_CA_BUNDLE environment variable to it.

Alternative files#

CA bundle#

Sometimes you cannot specify an extra certificate, like the Zyte CA certificate, and instead you must specify a CA certificate bundle that includes the Zyte CA certificate.

To generate such a CA certificate bundle:

Get a generic CA certificate bundle in PEM format, e.g. curl’s.
Append the contents of the Zyte CA certificate to the end of the generic CA certificate bundle file.

You can then use the resulting file as a CA certificate bundle that supports Zyte domains.

PKCS#12#

In case of requiring a certificate with PKCS#12 format, you can generate it with the following OpenSSL command:

openssl pkcs12 -export -nokeys -password pass: -in zyte-ca.crt -out zyte-ca.p12