?
Solved

Getting an error when trying to import a certificate into the "Trusted Root Authorities"

Posted on 2009-05-14
2
Medium Priority
?
11,952 Views
Last Modified: 2013-12-08
I am having trouble importing a web certificate to the "Trusted Root Authorities" store. We keep getting the following message:

"the import failed because the store was read-only, the store was full, or the store did not open correctly"

The user is a local Admin and we were able to import it into the "Trusted Publishers" Store where it also has to be added.

I tried deleting a few certificates from the store and we are still getting the error.

She is running XP.

Any Ideas?

Thank you,

Evan
0
Comment
Question by:EGioe
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 31

Accepted Solution

by:
Paranormastic earned 500 total points
ID: 24390054
Easiest way - if you have the cert in any of the stores, open up Certificates MMC and just click and drag it to the trusted roots.

Can also try deploying it via GPO:
Computer Configuration/Windows Settings/Security Settings/Public Key Policies/Trusted Root Certification Authorities


If that doesn't work, it sounds like the root store may be corrupt - if you have a registry repair tool, you might try running that (backup system first!)

Can also check permissions on HKCU and HKLM areas for:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates

Can try exporting these from another similar system that is working better and importing.

When you import, you can also try manually pointing and when you browse try enabling the checkmark for 'show physical stores'

The trusted roots should not go over 60 certs or so, sometimes okay up to around 80.  If you have that many self signed web certs, you might consider either dropping 30 bucks a piece for a godaddy cert or else set up your own CA so you only need the CA's root cert instead of a self-signed cert for every single web server, etc.

If you didn't reboot after cleaning out the root store, do so.
0
 

Author Closing Comment

by:EGioe
ID: 31581593
Thanks Paranormastic,

I used the Certificates MMC as Computer user and was able to import it with no issues.
0

Featured Post

Get 15 Days FREE Full-Featured Trial

Benefit from a mission critical IT monitoring with Monitis Premium or get it FREE for your entry level monitoring needs.
-Over 200,000 users
-More than 300,000 websites monitored
-Used in 197 countries
-Recommended by 98% of users

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Sometimes people don't understand why download speed shows differently for Windows than Linux.Specially, this article covers and shows the solution for throughput difference for Windows than a Linux machine. For this, I arranged a test scenario.I…
Ever visit a website where you spotted a really cool looking Font, yet couldn't figure out which font family it belonged to, or how to get a copy of it for your own use? This article explains the process of doing exactly that, as well as showing how…
This Micro Tutorial will demonstrate how to add subdomains to your content reports. This can be very importing in having a site with multiple subdomains.
This Micro Tutorial will demonstrate how nuggets on the Web are formatted by using Chrome Developer Tools. These tools would not only view the site's CSS but it can also modify it and save the CSS to use on your own site.
Suggested Courses

801 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question