Sign in
 
HomeWindows 8Windows 7Windows VistaWindows XPMDOPWindows IntuneLibraryForums
Windows Client >
Corrupt Certificate Store?

Unanswered Corrupt Certificate Store?

  • Monday, March 19, 2012 9:17 AM
     
     
    Sign In to Vote
    0

    Hi,

    I have a user who has a strange issue with his Cert store. It only seems to be affecting his "personal" store. When inporting or creating a cert manually the certificate isn't staying in the store. It simply vanishes, not allowing anything to remain.It will create the key in C:\Users\<username>\AppData\Roaming\Microsoft\Crypto\Keys, but the cert is nowhere to be seen. importing certs to other store works fine, it's just Personal.

    We eventually managed  to manually create the cert using the below command (same result for pfx and certs)

    Certutil –user –importpfx c:\temp\test.pfx

    This works, but when programs (in this case the user needs to use "Fiddler") try to create a cert, nothing is imported. This behaviour also occurs as another user logged on to the machine. all are local admins.

    I'm not massively confident with Cert Store, is there a quick way to repair or force permissions etc??

    (64bit, Win7 Enterprise)

    Thanks

     

All Replies

  • Monday, March 19, 2012 10:36 AM
     
     
    Sign In to Vote
    0
    "spudgun79" wrote in message news:8b787d1f-742a-46f1-9524-8e0707aa6820...

    Hi,

    I have a user who has a strange issue with his Cert store. It only seems to be affecting his "personal" store. When inporting or creating a cert manually the certificate isn't staying in the store. It simply vanishes, not allowing anything to remain.It will create the key in C:\Users\<username>\AppData\Roaming\Microsoft\Crypto\Keys, but the cert is nowhere to be seen. importing certs to other store works fine, it's just Personal.

    We eventually managed  to manually create the cert using the below command (same result for pfx and certs)

    Certutil –user –importpfx c:\temp\test.pfx

    This works, but when programs (in this case the user needs to use "Fiddler") try to create a cert, nothing is imported. This behaviour also occurs as another user logged on to the machine. all are local admins.

    I'm not massively confident with Cert Store, is there a quick way to repair or force permissions etc??

    (64bit, Win7 Enterprise)

    Thanks

    Try checking the permissions on the folder.....
    I get
    icacls C:\Users\<username>\AppData\Roaming\Microsoft\Crypto
    C:\Users\<username>\AppData\Roaming\Microsoft\Crypto NT AUTHORITY\SYSTEM:(I)(OI)(CI)(F)
                                                       BUILTIN\Administrators:(I)(OI)(CI)(F)
                                                       NoelAsus-PC\NoelAsus:(I)(OI)(CI)(F)
    and
    icacls C:\Users\<username>\AppData\Roaming\Microsoft\Crypto\Keys
     
    C:\Users\<username>\AppData\Roaming\Microsoft\Crypto\Keys NT AUTHORITY\SYSTEM:(I)(OI)(CI)(F)
                                                            BUILTIN\Administrators:(I)(OI)(CI)(F)
                                                            NoelAsus-PC\NoelAsus:(I)(OI)(CI)(F)
     
     
    (but this in in a workgroup machine rather than a domain one)
     
     
    Noel Paton | Nil Carborundum Illegitemi | CrashFixPC | The Three-toed Sloth
     
  • Friday, March 23, 2012 4:07 PM
     
     
    Sign In to Vote
    0
    all permissions are correct and as they should be.
     
  • Thursday, March 29, 2012 3:10 PM
     
     
    Sign In to Vote
    0
    This one's still an issue. if anyone has any ideas, would be greatly appreciated!