Security – How to install a client certificate for all users of a computer

certificate, security, windows-server-2008-r2

I have a PFX file (.p12) that is needed to allow access to a remote web page. Double-clicking on this file and following a few prompts easily adds the certificate to a personal store, but this only works for the currently logged-in user.

I want to install the certificate in such a way that it will be usable by all users of a particular Windows server.

What I've tried so far:

  • Use the MMC to add a Certificates snap-in for "Computer account", import the cert under the "Personal" store. This didn't work.
  • Using certmgr.exe to add a cert to the "localMachine" store, but discovered that this tool doesn't actually exist on a typical Windows install. Do I really have to install Visual Studio in order to import a client certificate?
  • Followed some instructions for Group Policy found here, but didn't get very far (no Trusted Publishers object). I was only looking at Local Group Policy, though.

Best Answer

I think you're hoping for a place to put the cert that everyone can share. You can't do that. Each user needing to use the certificate will have to import it into her store while logged in. You may be able to script that process for the users, but the cert will have to be present in each user account's store.
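
One way to script the per-user import the answer mentions, as an added example that is not part of the original answer. It uses the .NET certificate classes so it runs on the PowerShell 2.0 that ships with Windows Server 2008 R2; the PFX path is a hypothetical placeholder, and the script is assumed to be run by each user in their own session.

```powershell
# Added example: import a client PFX into the *current user's* Personal store.
param(
    # Hypothetical location; point this at wherever the PFX is staged.
    [string]$PfxPath = '\\fileserver\certs\client.p12'
)

$ErrorActionPreference = 'Stop'
$x509 = 'System.Security.Cryptography.X509Certificates'

# Prompt for the PFX password instead of embedding it in the script.
$password = Read-Host -Prompt 'PFX password' -AsSecureString

# First load WITHOUT PersistKeySet: the private key is temporary, so a
# repeat run does not leave an extra key container in the user's profile.
$probe = New-Object "$x509.X509Certificate2" -ArgumentList $PfxPath, $password, 'UserKeySet'

$store = New-Object "$x509.X509Store" -ArgumentList 'My', 'CurrentUser'
$store.Open('ReadWrite')
try {
    $present = $store.Certificates |
        Where-Object { $_.Thumbprint -eq $probe.Thumbprint }

    if ($present) {
        Write-Output "Already installed for $env:USERNAME: $($probe.Thumbprint)"
    }
    else {
        # UserKeySet    : key is stored in this user's profile.
        # PersistKeySet : key remains after this process exits.
        # Exportable is deliberately not set, so the private key cannot be
        # exported again from the store once it is installed.
        $flags = [System.Security.Cryptography.X509Certificates.X509KeyStorageFlags]'UserKeySet, PersistKeySet'
        $cert  = New-Object "$x509.X509Certificate2" -ArgumentList $PfxPath, $password, $flags
        $store.Add($cert)
        Write-Output "Installed $($cert.Subject) for $env:USERNAME"
    }
}
finally {
    $store.Close()
}
```

Anyone who can read the PFX file and knows its password holds a full copy of the client identity, so restrict the staging location to the accounts that need the certificate.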