Introduction
As documented in CoreOne Connectivity (Network ports and protocols), there are various distributed services that need a certificate to secure the connection between the two parties. Most of the times, those certificates are read from a local certificate store such as the Windows Certificate Store. This how to shows you how to add a certificate there and give the appropriate service user access to the private key.
Step 1 - Open MMC and add a Snap-in
Start the certificate store with; " + R | mmc". Now you will see the Certificate store. Add a new Snap-in with following steps:
Click on "File" and than click on "Add/Remove Snap-in" or with the keyboard shortcut ctrl + M
Open "Certificates" by double clicking it → Let the computer account to manage the certificates
Install the certificates on the local computer
To open the Snap-in just click "OK" at the end of these steps
Step 2 - Install the certificate
Navigate to the folder "Personal" and open it. Do a right click on the folder "Certificates" to open the task menu. Choose All Tasks → Import to import the certificate. Click "Next" in the first window. Now browse for the certificate that you want to add. After that click "Next" again.
...
To complete the changes click "Finish". Confirm all your changes by clicking "OK" in the popup window that will open.
...
Step 3 - Check the recently added certificate
Navigate to the certificate, which you added before, in the certificate store. Double click on the certificate and check the path and the status of the certificate.
...
Step 4 - Service User rights
Navigate to the certificate and do a right click on it "→ All Tasks → Manage private key" to manage the private key. Give full control to the service user on the certificate. Apply these changes with "OK"
...
Step 5 - Optional
Export public certificate to install it on an other server.
...