Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

How do I know what the storeName of a certificate is?

I have a certificate installed in windows server 2003

The path I can see from MMC is: Certificates(Local Computer)/Personal/Certificates

I want to configure it in my wcf config. How do I know what the storeName is?

This is what I get so far in my wcf config

<serviceCertificate findValue="certificate.example.com" storeLocation="LocalMachine" storeName="???" x509FindType="FindBySubjectName" />
like image 407
yang-qu Avatar asked Apr 30 '10 06:04

yang-qu


People also ask

How do I find a certificate store name?

System Certificate Stores:The certificate store is located in the registry under HKEY_LOCAL_MACHINE root. Current user certificate store: This certificate store is local to a user account on the computer. This certificate store is located in the registry under the HKEY_CURRENT_USER root.

How do I look up a certificate?

To view certificates for the local deviceSelect Run from the Start menu, and then enter certlm. msc. The Certificate Manager tool for the local device appears. To view your certificates, under Certificates - Local Computer in the left pane, expand the directory for the type of certificate you want to view.

Where is certificate Localmachine?

This certificate store is located in the registry under the HKEY_LOCAL_MACHINE root. This type of certificate store is local to a user account on the computer.

How do I find trusted root certification authorities?

In the left pane, click Console Root > Certificates (Local Computer) > Trusted Root Certification Authorities > Certificates. In the right pane, check if the certificate which was created before is available in the store. If the certificate appears in the list, this step is completed.


2 Answers

A Certificate Store can be thought of as a logical container in the operating system that holds one or more certificates.The most common way to view the certificate stores is using the Certificates MMC.

You have to decide in which of the available stores you want to import your certificate. After that, you should add to your config file the proper store name.

For example: if your certificate is stored in Trusted People store you should have storeName="TrustedPeople".

This is the enumeration provided by Microsoft for StoreName in https://msdn.microsoft.com/en-us/library/system.security.cryptography.x509certificates.storename(v=vs.110).aspx

AddressBook -> The X.509 certificate store for other users.

AuthRoot -> The X.509 certificate store for third-party certificate authorities (CAs).

CertificateAuthority -> The X.509 certificate store for intermediate certificate authorities (CAs).

Disallowed -> The X.509 certificate store for revoked certificates.

My -> The X.509 certificate store for personal certificates.

Root -> The X.509 certificate store for trusted root certificate authorities (CAs).

TrustedPeople -> The X.509 certificate store for directly trusted people and resources.

TrustedPublisher -> The X.509 certificate store for directly trusted publishers.

Most of the cases you store your certificate inside "Personal" store so the most common value for store name is "My".

like image 179
afonte Avatar answered Sep 16 '22 18:09

afonte


Try storeName="My", that's the usual value.

As far as makecert commands go (like below):

makecert -sk MyKeyName -iv RootCaClientTest.pvk -n "CN=tempClientcert" -ic 
             RootCaClientTest.cer -sr currentuser -ss My -sky signature -pe

The "-ss" specifies the store name for the certificate. "My" is the personal store location of the certificate."

like image 23
Tanner Avatar answered Sep 19 '22 18:09

Tanner