Project

General

Profile

Storing a Windows 7 Machine Certificate

First call up the Microsoft Management Console (mmc) and add the Certificates Snap-In:

It is of the utmost importance that you select Computer account:

Go into the Certificates (Local Computer) / Personal / Certificates folder

and select the Import action which will start the Certificate Import Wizard:

Never double-click on a PKCS12 certificate file because the content will end
up in the current user instead of the local computer part of the Windows registry
and will not be available for IPsec. A PKCS12 container stores an end entity certificate,
a corresponding private key and usually the Root CA certificate or the whole CA trust chain.
It is recommended to store all this information in the Personal certificate store first and to move
the Root CA certificate to the correct location later on.

Select the PKCS12 (*.p12) certificate file to be imported:

You are prompted for the passphrase the PKCS12 container is protected with:

After the successful PKCS12 import the Root CA certificate can be moved to the
Trusted Root Certification Authorities / Certificates folder:

Double-clicking on the end entity certificate left in the Personal / Certificates folder
shows that a corresponding private key is present in the registry:

and that a valid certificate trust path has been established:

snapin_add.png View (44.6 KB) Martin Willi, 05.05.2009 14:22

snapin_computer_account.png View (14.2 KB) Martin Willi, 05.05.2009 14:25

snapin_personal_certificates.png View (45.8 KB) Martin Willi, 05.05.2009 14:25

cert_import_wizard.png View (52.2 KB) Martin Willi, 05.05.2009 14:25

cert_import_wizard_store.png View (20.6 KB) Martin Willi, 05.05.2009 14:25

cert_import_wizard_path.png View (21.1 KB) Martin Willi, 05.05.2009 14:26

cert_import_wizard_passphrase.png View (21.9 KB) Martin Willi, 05.05.2009 14:26

snapin_trusted_ca_certificates.png View (60 KB) Martin Willi, 05.05.2009 14:26

cert_general.png View (20.4 KB) Martin Willi, 05.05.2009 14:26

cert_trust_path.png View (15.5 KB) Martin Willi, 05.05.2009 14:26