Solved

Getting an error when trying to import a certificate into the "Trusted Root Authorities"

Posted on 2009-05-14
2
11,651 Views
Last Modified: 2013-12-08
I am having trouble importing a web certificate to the "Trusted Root Authorities" store. We keep getting the following message:

"the import failed because the store was read-only, the store was full, or the store did not open correctly"

The user is a local Admin and we were able to import it into the "Trusted Publishers" Store where it also has to be added.

I tried deleting a few certificates from the store and we are still getting the error.

She is running XP.

Any Ideas?

Thank you,

Evan
0
Comment
Question by:EGioe
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 31

Accepted Solution

by:
Paranormastic earned 125 total points
ID: 24390054
Easiest way - if you have the cert in any of the stores, open up Certificates MMC and just click and drag it to the trusted roots.

Can also try deploying it via GPO:
Computer Configuration/Windows Settings/Security Settings/Public Key Policies/Trusted Root Certification Authorities


If that doesn't work, it sounds like the root store may be corrupt - if you have a registry repair tool, you might try running that (backup system first!)

Can also check permissions on HKCU and HKLM areas for:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates

Can try exporting these from another similar system that is working better and importing.

When you import, you can also try manually pointing and when you browse try enabling the checkmark for 'show physical stores'

The trusted roots should not go over 60 certs or so, sometimes okay up to around 80.  If you have that many self signed web certs, you might consider either dropping 30 bucks a piece for a godaddy cert or else set up your own CA so you only need the CA's root cert instead of a self-signed cert for every single web server, etc.

If you didn't reboot after cleaning out the root store, do so.
0
 

Author Closing Comment

by:EGioe
ID: 31581593
Thanks Paranormastic,

I used the Certificates MMC as Computer user and was able to import it with no issues.
0

Featured Post

What Is Transaction Monitoring and who needs it?

Synthetic Transaction Monitoring that you need for the day to day, which ensures your business website keeps running optimally, and that there is no downtime to impact your customer experience.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Introduction If you're like most people, you have occasionally made a typographical error when you're entering information into an online form.  And to your consternation, the browser remembers the error, and offers to autocomplete your future entr…
This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
This Micro Tutorial will demonstrate how to add subdomains to your content reports. This can be very importing in having a site with multiple subdomains.
This Micro Tutorial will demonstrate how nuggets on the Web are formatted by using Chrome Developer Tools. These tools would not only view the site's CSS but it can also modify it and save the CSS to use on your own site.

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question