I have a certificate installed in windows server 2003
The path I can see from MMC is: Certificates(Local Computer)/Personal/Certificates
I want to configure it i
<serviceCertificate findValue="xxxxx" storeLocation="LocalMachine" x509FindType="FindByThumbprint" />
I ended up using 'FindbyThumbprint', my service can find the certificate now.
To get the thumbprint of your certificate: http://msdn.microsoft.com/en-us/library/ms734695.aspx
A Certificate Store can be thought of as a logical container in the operating system that holds one or more certificates.The most common way to view the certificate stores is using the Certificates MMC.
You have to decide in which of the available stores you want to import your certificate. After that, you should add to your config file the proper store name.
For example: if your certificate is stored in Trusted People store you should have storeName="TrustedPeople".
This is the enumeration provided by Microsoft for StoreName in https://msdn.microsoft.com/en-us/library/system.security.cryptography.x509certificates.storename(v=vs.110).aspx
AddressBook -> The X.509 certificate store for other users.
AuthRoot -> The X.509 certificate store for third-party certificate authorities (CAs).
CertificateAuthority -> The X.509 certificate store for intermediate certificate authorities (CAs).
Disallowed -> The X.509 certificate store for revoked certificates.
My -> The X.509 certificate store for personal certificates.
Root -> The X.509 certificate store for trusted root certificate authorities (CAs).
TrustedPeople -> The X.509 certificate store for directly trusted people and resources.
TrustedPublisher -> The X.509 certificate store for directly trusted publishers.
Most of the cases you store your certificate inside "Personal" store so the most common value for store name is "My".
Try storeName="My", that's the usual value.
As far as makecert commands go (like below):
makecert -sk MyKeyName -iv RootCaClientTest.pvk -n "CN=tempClientcert" -ic
RootCaClientTest.cer -sr currentuser -ss My -sky signature -pe
The "-ss
" specifies the store name for the certificate. "My
" is the personal store location of the certificate."