My certificate is stored in a custom store under "Certificates(Local Computer)" instead of under "Personal".
Normally, if the cert is located under personal, i just use C:>netsh http add sslcert ipport:0.0.0.0: certhash= appid= certstorename=MY
where, certstorename=MY is already assumed by default if not specified.
This works fine until we were required to store the certificate in a custom store other than the existing personal, trusted people, trusted publishers, etc. etc.
- If we called our new store "my cert store", how would the new netsh command look like?
- how does the word "MY" map to the "Personal" store? is there a dictionary someplace that maps these?
i checked the System.Security.Cryptography.X509Certificates namespace and there exises an enum called StoreName with the following values:
- AddressBook – The X.509 certificate store for other users.
- AuthRoot – The X.509 certificate store for third-party certificate authorities (CAs).
- CertificateAuthority – The X.509 certificate store for intermediate certificate authorities (CAs).
- Disallowed – The X.509 certificate store for revoked certificates.
- My – The X.509 certificate store for personal certificates.
- Root – The X.509 certificate store for trusted root certificate authorities (CAs).
- TrustedPeople – The X.509 certificate store for directly trusted people and resources.
- TrustedPublisher – The X.509 certificate store for directly trusted publishers.
I tried all of them on the netsh command as certstorename and i always get this error:
SSL Certificate add failed, Error:1312
A specified logon session does not exist. It may already have been terminated.
Best Answer
What you are trying to do seems correct. Could you retry after applying hotfix http://support.microsoft.com/kb/981506 for a problem which actually matches your symptoms exactly.