Solved

AD SSL Certificate

Posted on 2013-06-02
5
234 Views
Last Modified: 2013-08-12
Hi,

We have a SSL certificate for server authenticate for Citrix. I need to replace the old one with a new one. I have renewed it but not sure how to get the new one installed, in the personal store. Please find the figure attached.
Capture.JPG
0
Comment
Question by:ajoyrajan
5 Comments
 
LVL 17

Expert Comment

by:Kent Dyer
Comment Utility
Are you running NFuse?  There is a difference between personal store and computer store..  When you run the MMC to add in the computer certificates, you will probably want to use computer store and not personal store to manage certificates..  If it is part of NFuse, you will probably need to add the cert to IIS as well..  It has been a long time since I played with Citrix, so I am not sure about publishing the certs, but that may need to be looked at too.

HTH,

Kent
0
 
LVL 1

Author Comment

by:ajoyrajan
Comment Utility
it is not NFuse. It is just used for some users outside the organization to change their password over the internet.
0
 
LVL 15

Expert Comment

by:jerseysam
Comment Utility
0
 
LVL 1

Author Comment

by:ajoyrajan
Comment Utility
it is not on a IIS. There is no IIS installed on the DC.
0
 
LVL 31

Accepted Solution

by:
Paranormastic earned 500 total points
Comment Utility
I think kdyer is on the right track, here is something specific for you to do:

1. Use the "Run as Administrator" option to open a cmd box
2. cd into the directory where your certificate is saved
3. certutil -addstore my FILENAME.CER
   (replace FILENAME.CER with your certificate's filename.  note: 'my' is the actual term to use - it is not meant as a variable in this case)

4. certutil -dump FILENAME.CER | findstr /i /c:"serial"
5. Copy the value of the serial number from the output
6. certutil -repairstore my SERIAL_NUMBER
    (paste the serial number in place of SERIAL_NUMBER)

Check to see if you can find it now.  This will put the certificate in the machine context of the Personal ("my") store.  If you do it via GUI there is a decent chance you put it in the user context of the Personal store, which is the personal store that kdyer was trying to explain about.  The second part will re-associate the private key with the certificate - this may be an unnecessary step, but it frequently fixes issues where a certificate is not showing up & it doesn't hurt anything to do it anyways, so I recommend just doing it anyways.
0

Featured Post

What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

Join & Write a Comment

We've all had that page pop up telling us there is a problem with the certificate and some of us continue on anyways and others run away to a safer competing site.  But what to do when you get the error - is it your problem or theirs?  What can you …
SSL stands for “Secure Sockets Layer” and an SSL certificate is a critical component to keeping your website safe, secured, and compliant. Any ecommerce website must have an SSL certificate to ensure the safe handling of sensitive information like…
This video discusses moving either the default database or any database to a new volume.
When you create an app prototype with Adobe XD, you can insert system screens -- sharing or Control Center, for example -- with just a few clicks. This video shows you how. You can take the full course on Experts Exchange at http://bit.ly/XDcourse.

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now