Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

AD SSL Certificate

Posted on 2013-06-02
5
Medium Priority
?
257 Views
Last Modified: 2013-08-12
Hi,

We have a SSL certificate for server authenticate for Citrix. I need to replace the old one with a new one. I have renewed it but not sure how to get the new one installed, in the personal store. Please find the figure attached.
Capture.JPG
0
Comment
Question by:ajoyrajan
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 17

Expert Comment

by:Kent Dyer
ID: 39215352
Are you running NFuse?  There is a difference between personal store and computer store..  When you run the MMC to add in the computer certificates, you will probably want to use computer store and not personal store to manage certificates..  If it is part of NFuse, you will probably need to add the cert to IIS as well..  It has been a long time since I played with Citrix, so I am not sure about publishing the certs, but that may need to be looked at too.

HTH,

Kent
0
 
LVL 1

Author Comment

by:ajoyrajan
ID: 39215358
it is not NFuse. It is just used for some users outside the organization to change their password over the internet.
0
 
LVL 15

Expert Comment

by:jerseysam
ID: 39215522
0
 
LVL 1

Author Comment

by:ajoyrajan
ID: 39218080
it is not on a IIS. There is no IIS installed on the DC.
0
 
LVL 31

Accepted Solution

by:
Paranormastic earned 1500 total points
ID: 39223498
I think kdyer is on the right track, here is something specific for you to do:

1. Use the "Run as Administrator" option to open a cmd box
2. cd into the directory where your certificate is saved
3. certutil -addstore my FILENAME.CER
   (replace FILENAME.CER with your certificate's filename.  note: 'my' is the actual term to use - it is not meant as a variable in this case)

4. certutil -dump FILENAME.CER | findstr /i /c:"serial"
5. Copy the value of the serial number from the output
6. certutil -repairstore my SERIAL_NUMBER
    (paste the serial number in place of SERIAL_NUMBER)

Check to see if you can find it now.  This will put the certificate in the machine context of the Personal ("my") store.  If you do it via GUI there is a decent chance you put it in the user context of the Personal store, which is the personal store that kdyer was trying to explain about.  The second part will re-associate the private key with the certificate - this may be an unnecessary step, but it frequently fixes issues where a certificate is not showing up & it doesn't hurt anything to do it anyways, so I recommend just doing it anyways.
0

Featured Post

WEBINAR - Latest Cyber Tips for Defense

Join the WatchGuard Threat Research Team on October 26th for an informative webinar featuring expert tips and tricks for defending your organization from today's latest cyber threats. Don't leave yourself vulnerable to attack. Register for the webinar today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

We've all had that page pop up telling us there is a problem with the certificate and some of us continue on anyways and others run away to a safer competing site.  But what to do when you get the error - is it your problem or theirs?  What can you …
Since pre-biblical times, humans have sought ways to keep secrets, and share the secrets selectively.  This article explores the ways PHP can be used to hide and encrypt information.
Video by: ITPro.TV
In this episode Don builds upon the troubleshooting techniques by demonstrating how to properly monitor a vSphere deployment to detect problems before they occur. He begins the show using tools found within the vSphere suite as ends the show demonst…
In a question here at Experts Exchange (https://www.experts-exchange.com/questions/29062564/Adobe-acrobat-reader-DC.html), a member asked how to create a signature in Adobe Acrobat Reader DC (the free Reader product, not the paid, full Acrobat produ…

598 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question