Installing a Self-Signed Certificate as a Trusted Root CA in Windows Vista

Installing a Self-Signed Certificate as a Trusted Root CA in Windows Vista

  • Comments 8
  • Likes

[Today's post comes to us courtesy of Wayne McIntyre]

In order for RPC over Http to work you must have a Trusted CA Root Certificate installed and configured. In a situation where you are using a self-signed cert you will need to install the certificate into the Trusted Root Certification Authorities store.

1. Connect to your OWA site by going to https://host.domainname.com/exchange

VistaScreen1.jpg

You should see a screen like the above due to the fact that your self-signed cert is not trusted.

2. Choose "Continue to this website (not recommended)".

VistaScreen2.jpg

You should then be presented with your OWA logon page.

3. Click on “Certificate Error” beside the address bar and select view certificates.

ViewCertscreen.jpg

VistaScreen3.jpg

If you do not see the Install Certificate option close IE7 and then right click on IE7 and choose run as administrator and load the page again.

4. Once you have the install certificate button available, select "Install Certificate".

5. This will launch the Certificate Import Wizard. Make sure to Choose the option “Place all certificates in the following store” and select browse.

Vistascreen4.jpg 

6. Select Trusted Root Certification Authorities and click Ok.

Vistascreen5.jpg

* In some cases you have to check show physical stores, then select “Local Computer” under Trusted Root Certification Authorities.

image

7. Click Finish on Completing the Certificate Import Wizard

Vistascreen6.jpg

8. Click yes on the security warning to install the certificate

Vistascreen7.jpg

9. If you want to verify the Certificate has been installed you can load the certificates snap in and you should see it under Certificates –Current User-Trusted Root Certification Authorities-Certificates.

VistaScreen8.jpg

Note: You can also copy it to the local computers certificate store so it applies for all users that use the machine.

If you install the certificate but then cannot see it please read the following KB article: http://support.microsoft.com/default.aspx?scid=kb;EN-US;932156

Your comment has been posted.   Close
Thank you, your comment requires moderation so it may take a while to appear.   Close
Leave a Comment
Comments
  • A couple of notes for more advanced users:

    (1) You can create a group policy object and import this certificate into "Computer Settings\Windows Settings\Security Settings\Public Key Policies\Trusted Root Certification Authorities".  Link the GPO at the domain level to have it apply to all computers in the organization.

    (2) You can set up a certification authority on your SBS server, deploy the CA certificate via GPO as described above, and re-sign your web site certificate with the CA.  Installing Certificate Services is somewhat complicated, but it can be convenient to centralize (and mostly automate) the process of issuing and revoking certificates.

    One of these days, I'll write up a short how-to on CA deployment on Windows SBS 2003 R2.

    Best wishes,

    Matthew

  • One new subscriber from Anothr Alerts

  • I've talked about this before, but thought it was worth pointing people to this Installing a Self

  • Virtual PC 2007 is not agreeing with the network adapters on my Vista Ultimate HP tc4400 so I'm on

  • memphis city schools board of education website

  • I have been trying to install a certificate on a Vista Ultimate machine, and have followed all of the above instructions. (I have also checked the registry key has Read permissions.)

    I am getting a "Windows host process (Rundll32) has stopped working" error immediately after clicking "Finish" in the "Completing the Certificate Import Wizard" dialog. I am installing as an administrator. Can anyone help?

  • I have been trying to install a certificate on a Vista Ultimate machine, and have followed all of the above instructions. (I have also checked the registry key has Read permissions.)

    I am getting a "Windows host process (Rundll32) has stopped working" error immediately after clicking "Finish" in the "Completing the Certificate Import Wizard" dialog. I am installing as an administrator. Can anyone help?

  • it's too difficult to use facebook
    from pc