This page documents a work-around for a problem where Windows does not associate a certificate (renewal or new certificate) with its private key.
- Import the certificate into the Windows certificate store using
- View the certificate
- Check for the statement "You have a private key that corresponds to this certificate" (see Fig.1)
- If you are missing this statement run the procedure described below
- From an administrative command prompt, run the following command:
certutil -repairstore my “serial no. of cert” inserting your certificate's serial number
- View the certificate (you may need to close and restart certmgr.msc to get it to refresh the display)
- If you now see the statement "You have a private key that corresponds to this certificate" the problem has been resolved.
Note: In one customer engagement we found that “
serial no. of cert” didn't work but supplying the certificate thumbprint did.