When I was installing a Thawte SSL certificate on to a new small business server 2008 I cam across the following error which prevented me from installing the certificate at first. I thought I would have to generate a new CSR and wait for Thawte to re-issue the certificate however there is another way around this.
To fix this and install the certificate you will need to import the certificate in the certificates management snap-in and then use certutil to repair the key store. This can be done by following the steps below.
- Go to Start>Run and type in MMC.exe and press enter.
- Go to File>Add/Remove Snap-in
- Select certificates and press add
- Select computer account and press next
- Select local computer and press finish
- Press ok to go back to the MMC window and you should now see certificates shown
- Expand certificates and select personal
- Right click the personal folder and select All Taks>Import
- Browse to the certificate file and click through the wizard to import it
- In the right hand pane double click the certificate you imported to open its properties
- Go to the details tab and scroll down until you see the thumbprint
- Copy the thumbprint text to the clipboard
- Go to Start>Run and type in cmd.exe and press enter
- In the command prompt box type “certutil -repairstore my “insert thumbprint here””
- You should see a message about the repair store being completed and the certificate installation is now complete.