Manage Windows certificates with the Certificate Manager

Edited by Rich, Eng

Certificates are issued by a third party certification authority to identify a person or organization. They are used by the Windows system to administer user account privileges and to allow trusted companies to update and install programs to the operating system. Certificates may only be created and managed by users with administrator privileges. Beginning with Windows Vista, Microsoft operating systems ship with the Certificate Manager tool to allow the management of certificates.


Instructions 59387.jpg
  1. 1
    Open the start menu
    Open the start menu by either left-clicking the Windows icon in the lower-left section of the taskbar or by pressing the Windows key on the keyboard.
    Was this step helpful? Yes | No| I need help
  2. 2
    Load the Certificate Manager
    1. Enter the search term. certmgr.msc is the abbreviated application name for the manager.
    2. Press enter. Since we have typed the exact name in the search field, the application will start after a brief search when enter is pressed.
    3. Allow the application to run. When the User Account Control pop-up asks for permission, select "Yes."
    Was this step helpful? Yes | No| I need help
  3. 3
    Exploring the application
    1. The File bar. The top bar contains the file, view, help, and action menus. These familiar Windows menus contain options for manipulating the data that is shown in the application panes.
    2. The action bar. The next level contains typical file operations such as back, export, refresh, and paste.
    3. The left pane. The left pane shows the hierarchy tree for the current user. Each folder represents a different type of certificate for the user account.
    4. The right pane. The right pane is used to navigate through the tree and shows certificates when at the lowest level. When the certificates are visible a header of attributes is visible. Attributes such as Issued By, Issued To, Expiration Date, and Purpose.
    Was this step helpful? Yes | No| I need help
  4. 4
    Certificate Management
    1. Importing  
      1. Finding the Import option. Open the Action menu on the file bar and expand All Tasks. Left-click Import.
      2. Next. After reviewing the home splash screen select next.
      3. Locate the file. Type the file address or use the browse button to locate the certificate file.
      4. Enter password. Certificates may be password protected. Submit the password to continue.
      5. Choose where to save. Certificate stores are the locations where Windows saves certificates. Select the store which is most appropriate to the certificate being installed, this is most likely the personal store.
      6. Finish. Select the "Finish" button to complete the certificate import.
    2. Exporting  
      1. Choose file. A single file or the entire list may be selected for exportation.  
        1. Entire List. Select the "Certificates - Current User" in the left pane before exporting to backup the entire list.
        2. Single Folder. Select any single folder in the left window to export the certificates within that folder. Any number of folders or certificates can be output to a text file based on the objects selected.
      2. Start Operation. Select "Export List" from either the action menu or the action bar.
      3. Name file. Choose the save location, file format, and name the file. Press "Save" to create the export list.
    3. Viewing  
      1. Expand the directory tree. Select a category from the left pane to see a list of certificates within the right window. The certificates will be organized alphabetically. Attributes of each certificate will be available.
    4. Properties  
      1. Open Properties. Select a certificate and right click to open the context menu. Select properties.
      2. General Tab. The general tab will show the name of the certificate and allows the user to change the allowed purposes.
      3. Cross-Certificates Tab. Cross-certificate locations can be added through the "Add URL" button. Cross-certificates allow certificates to be accessed from different Public-Key-Infrastructure networks.
      4. OCSP Tab. The Online-Certificate Status Protocal is used to provide download locations to computers accessing a domain. The certificate may be downloaded at the provided URL's to add privileges to hosts.
      5. Extended Validation Tab. Object identifiers, OID, may be added to a certificate from this tab. OID add another layer of identity to the certificate which increases user trust.
    5. Deleting  
      1. X marks the spot. Select the X from the action bar, or right-click and select delete from the context menu, to remove any selected certificates.
    6. Move. Simply, drag and drop a certificate to move the certification to another category. Confirm "yes" In the pop-up window.
    Was this step helpful? Yes | No| I need help

Tips Tricks & Warnings

  • Backup! Always backup the files before making any changes to certificates.
  • Help. The built in help features of the certmrg.msc program are an excellent source of information. F1 will load the help menu in any Windows application.

If you have problems with any of the steps in this article, please ask a question for more help, or post in the comments section below.


Article Info

Categories : Windows

Recent edits by: Rich

Share this Article:

Thanks to all authors for creating a page that has been read 2,035 times.


Thank Our Volunteer Authors.

Would you like to give back to the community by fixing a spelling mistake? Yes | No