WinHttpCertCfg not importing certificate
- by Ramon Zarazua
I need to setup a deployment script that imports an SSL certificate that my service uses. I have tried importing with WinHttpCertCfg and with CertMgr to no avail.
Here are the command-line arguments I have tried to use with both:
winhttpcertcfg.exe -i <certname>.pfx -c LOCAL_MACHINE\My -p <password> -a <user service runs as>
and
CertMgr.exe -add -all -s -r localMachine -c <cert name> My
It seems from what I have investigated that CertMgr does not allow you to import certificates with a password, so I'd rather get winhttpcertcfg working.
When I run them I get the following output:
WinHttpCertCfg:
Microsoft (R) WinHTTP Certificate Configuration Tool
Copyright (C) Microsoft Corporation 2001.
CertMgr:
CertMgr Succeeded
However, when I look into the local machine certificates in MMC, try to load them from my service, or list it out through winhttpcertcfg, or even looking at the registry in HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\MY\Certificates it is not found.
I have tried all of the following:
If I install the cert manually (Through CertMgr.msc dialogs) it works.
The user installing is running as administrator
The user installing has full access on the certificate
The tools print out an error when something is wrong (wrong password)
Tried it in multiple machines (All of them server 2008 R2)
At this point I am officially out of ideas.
Thank you.
