• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 12978
  • Last Modified:

Getting an error when trying to import a certificate into the "Trusted Root Authorities"

I am having trouble importing a web certificate to the "Trusted Root Authorities" store. We keep getting the following message:

"the import failed because the store was read-only, the store was full, or the store did not open correctly"

The user is a local Admin and we were able to import it into the "Trusted Publishers" Store where it also has to be added.

I tried deleting a few certificates from the store and we are still getting the error.

She is running XP.

Any Ideas?

Thank you,

1 Solution
ParanormasticCryptographic EngineerCommented:
Easiest way - if you have the cert in any of the stores, open up Certificates MMC and just click and drag it to the trusted roots.

Can also try deploying it via GPO:
Computer Configuration/Windows Settings/Security Settings/Public Key Policies/Trusted Root Certification Authorities

If that doesn't work, it sounds like the root store may be corrupt - if you have a registry repair tool, you might try running that (backup system first!)

Can also check permissions on HKCU and HKLM areas for:

Can try exporting these from another similar system that is working better and importing.

When you import, you can also try manually pointing and when you browse try enabling the checkmark for 'show physical stores'

The trusted roots should not go over 60 certs or so, sometimes okay up to around 80.  If you have that many self signed web certs, you might consider either dropping 30 bucks a piece for a godaddy cert or else set up your own CA so you only need the CA's root cert instead of a self-signed cert for every single web server, etc.

If you didn't reboot after cleaning out the root store, do so.
EGioeAuthor Commented:
Thanks Paranormastic,

I used the Certificates MMC as Computer user and was able to import it with no issues.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now