Trusting Embassy CA On Windows

Unfortunately, Windows does not have mDNS alias support built-in, which is necessary in order to visit .local addresses for any service you install on your Embassy, so we recommend using the Bonjour service. Check out this FAQ answer for details.


Recently many users who have run through the following instructions have successfully connected to their Embassy via LAN only to have it stop working a few days or weeks later. We believe this to be due to a recent change in Windows. When this happens the fix is to simply reinstall Bonjour and Bonjour Print Services. A solution is being worked on and Bonjour will not be necessary to connect to your Embassy for much longer.

  1. Install Bonjour Print Services on your Windows machine.


    If you are experiencing issues after installing Bonjour, you might have had a previous or failed install. To fix:

    1. Check out this video:

    2. Uninstall Bonjour and Bonjour Print Services completely via system settings > remove programs

    3. Reinstall Bonjour Printer Driver package (download at

    4. Restart Windows

    5. Note: Uninstalling Bonjour via the setup package seems to be not enough to solve the issue. Bonjour must be uninstalled via windows system settings.

  2. Back in Windows, click the “Start” menu, type “mmc”, and select “Run as administrator”

    Windows MMC

    Access the Windows Management Console. When prompted with the “User Account Control” window, select “Yes” to allow this program to run.

  3. When the Management Console opens, navigate to File > Add/Remove Snap-in.

    Windows Console Root

    Add Snap-in from Console Root

  4. Select “Certificates” in the left side menu, then “Add”. This will open another window.

    Add Certificates

    Add Certificates to selected snap-ins

  5. Select “Computer account” and click “Next”. Leave defaulted options on the next screen and click “Finish”.

  6. When you return to the “Add or Remove Snap-ins” page, ensure “Certificates (Local Computer)” exists under “Console Root” in the “Selected snap-ins” section, then click “OK”.

    Snap-in Selected

    Certificates (Local Computer) is selected as snap-in

  7. In the left hand menu of the Management Console, navigate to Certificates (Local Computer) > Trusted Root Certification Authorities > Certificates.

    Certificates in Management Console

    Access Certificates in Management Console

  8. Right click on “Certificates”, then navigate to All Tasks > Import.

    Import certificate

    Select “Import” from Certificates sub-menu

  9. Click “Next” on the first page of the Certificate Import Wizard, then browse to the location where you saved the downloaded certificate and click “Open”.

    Import cert wizard

    Add downloaded certificate in the Certificate Import Wizard

  10. On the “Certificate Store” window, ensure that it says “Trusted Root Certificate Authorities” and click “Next”.

  11. Select “OK” when the import is successful.

  12. Verify the Embassy Local Root CA certificate is in the “Certificates” folder.

    Successful cert install

    Embassy Local Root CA imported into Certificate folder

  13. You can save the settings to the console if desired, or not by pressing Yes or No. The CA certificate will remain imported to the CA certificate store either way.