Solved

Getting an error when trying to import a certificate into the "Trusted Root Authorities"

Posted on 2009-05-14
2
11,262 Views
Last Modified: 2013-12-08
I am having trouble importing a web certificate to the "Trusted Root Authorities" store. We keep getting the following message:

"the import failed because the store was read-only, the store was full, or the store did not open correctly"

The user is a local Admin and we were able to import it into the "Trusted Publishers" Store where it also has to be added.

I tried deleting a few certificates from the store and we are still getting the error.

She is running XP.

Any Ideas?

Thank you,

Evan
0
Comment
Question by:EGioe
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 31

Accepted Solution

by:
Paranormastic earned 125 total points
ID: 24390054
Easiest way - if you have the cert in any of the stores, open up Certificates MMC and just click and drag it to the trusted roots.

Can also try deploying it via GPO:
Computer Configuration/Windows Settings/Security Settings/Public Key Policies/Trusted Root Certification Authorities


If that doesn't work, it sounds like the root store may be corrupt - if you have a registry repair tool, you might try running that (backup system first!)

Can also check permissions on HKCU and HKLM areas for:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates

Can try exporting these from another similar system that is working better and importing.

When you import, you can also try manually pointing and when you browse try enabling the checkmark for 'show physical stores'

The trusted roots should not go over 60 certs or so, sometimes okay up to around 80.  If you have that many self signed web certs, you might consider either dropping 30 bucks a piece for a godaddy cert or else set up your own CA so you only need the CA's root cert instead of a self-signed cert for every single web server, etc.

If you didn't reboot after cleaning out the root store, do so.
0
 

Author Closing Comment

by:EGioe
ID: 31581593
Thanks Paranormastic,

I used the Certificates MMC as Computer user and was able to import it with no issues.
0

Featured Post

On Demand Webinar - Networking for the Cloud Era

This webinar discusses:
-Common barriers companies experience when moving to the cloud
-How SD-WAN changes the way we look at networks
-Best practices customers should employ moving forward with cloud migration
-What happens behind the scenes of SteelConnect’s one-click button

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Sometimes people don't understand why download speed shows differently for Windows than Linux.Specially, this article covers and shows the solution for throughput difference for Windows than a Linux machine. For this, I arranged a test scenario.I…
If you are a web developer, you would be aware of the <iframe> tag in HTML. The <iframe> stands for inline frame and is used to embed another document within the current HTML document. The embedded document could be even another website.
Google currently has a new report that is in beta and coming soon to Webmaster Tool accounts. This Micro Tutorial will highlight new features for Google Webmaster Tools.
How to create a custom search shortcut to site-search Experts Exchange using Google in the Firefox browser. This eliminates the need to type out site:experts-exchange.com whenever you want to search the site. Launch your Bookmark Menu: Press 'Ctrl +…

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question