When exchanging CA certificates with another organization, you should verify the fingerprint of the certificate using a different communication method than the one used to transmit the certificate. For example, you could verify the certificate fingerprint with the sender by telephone to ensure the certificate was not intercepted and modified during transmission. CA certificates are imported on the Certificate Trust List property page of the CA object.