Storing a Windows Machine Certificate
Double-click on the PKCS#12 machine certificate container (
.p12file) and the Certificate Import Wizard pops up.
Since we want to store the end entity certificate, the matching private key and the Root CA certificate contained in the PKCS#12 file under the
HKEY_LOCAL_MACHINEbranch of the Windows registry, select Local Machine as Store Location. Then click Next.
After giving access control permission for the operation, the File to Import menu pops up.
The Private key protection menu pops up.
Enter the password with which the private key in the PKCS#12 container is protected and set the Import options (Enable strong private key protection is greyed out). Then click Next.
The Certificate store menu pops up.
Choose Automatically select the certificate store based on the type of certificate. Then click Next.
The Completing the Certificate Import Wizard menu pops up.
To complete the certificate import, click Finish.
A small popup window acknowledges the successful certificate import.
Click OK to close the window.
mmc(Microsoft Management Console) with the Certificates (Local Computer) Snap-in loaded, it can easily verified that the machine certificate has been stored in the correct location.
Clicking on the certificate entry in the
mmcopens a Certificate Information window showing that the matching private key has been stored in the registry, too.
The Root CA certificate has been automatically installed in the Trusted Root Certification Authorities folder.