Project

General

Profile

Storing a Windows 7 Machine Certificate » History » Version 8

Pranav Wright, 24.05.2011 10:50

1 5 Martin Willi
h1. Storing a Windows 7 Machine Certificate
2 1 Martin Willi
3 1 Martin Willi
First call up the _Microsoft Management Console_ (mmc) and add the Certificates Snap-In:
4 5 Martin Willi
5 6 Martin Willi
!snapin_add.png!
6 1 Martin Willi
7 1 Martin Willi
It is of the *utmost importance* that you select _Computer account_:
8 1 Martin Willi
9 6 Martin Willi
!snapin_computer_account.png!
10 1 Martin Willi
11 5 Martin Willi
Go into the _Certificates (Local Computer) / Personal / Certificates_ folder 
12 1 Martin Willi
13 6 Martin Willi
!snapin_personal_certificates.png!
14 1 Martin Willi
15 5 Martin Willi
and select the _Import_ action which will start the _Certificate Import Wizard_: 
16 1 Martin Willi
17 6 Martin Willi
!cert_import_wizard.png!
18 1 Martin Willi
19 5 Martin Willi
*Never double-click* on a PKCS12 certificate file because the content will end
20 1 Martin Willi
up in the _current user_ instead of the _local computer_ part of the Windows registry
21 5 Martin Willi
and will not be available for IPsec. A PKCS12 container stores an _end entity certificate_,
22 5 Martin Willi
a corresponding _private key_ and usually the _Root CA certificate_ or the whole CA trust chain.
23 1 Martin Willi
It is recommended to store all this information in the _Personal_ certificate store first and to move
24 5 Martin Willi
the Root CA certificate to the correct location later on.
25 1 Martin Willi
26 6 Martin Willi
!cert_import_wizard_store.png!
27 1 Martin Willi
28 1 Martin Willi
Select the PKCS12 (*.p12) certificate file to be imported:
29 1 Martin Willi
30 6 Martin Willi
!cert_import_wizard_path.png!
31 1 Martin Willi
32 2 Martin Willi
You are prompted for the passphrase the PKCS12 container is protected  with:
33 2 Martin Willi
34 6 Martin Willi
!cert_import_wizard_passphrase.png!
35 2 Martin Willi
36 2 Martin Willi
After the successful PKCS12 import the Root CA certificate can be moved to the
37 1 Martin Willi
_Trusted Root Certification Authorities / Certificates_ folder: 
38 5 Martin Willi
39 6 Martin Willi
!snapin_trusted_ca_certificates.png!
40 2 Martin Willi
41 5 Martin Willi
Double-clicking on the _end entity certificate_ left in the _Personal / Certificates_ folder
42 3 Martin Willi
shows that a corresponding private key is present in the registry:
43 2 Martin Willi
44 6 Martin Willi
!cert_general.png!
45 2 Martin Willi
46 3 Martin Willi
and that a valid certificate trust path has been established:
47 2 Martin Willi
48 6 Martin Willi
!cert_trust_path.png!
49 7 Pranav Wright
50 8 Pranav Wright
"essay writing help":http://writing-help.org/