Reputation: 101
I am trying to find the file system path to a public key that was imported into the LocalMachine/My (personal) cert store so that I can grant read & execute permissions to a custom App_pool account. I tried using findprivatekey.exe and winhttpcertcfg.exe with no luck. Here is the path I have so far, just don't know which one to apply the permissions to.
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys
findprivatekey.exe always fails to locate the cert.
winhttpcertcfg -l -c LOCAL_MACHINE\My -s MyCertificate
returns with
Access was not successfully obtained for the private key. this can only be done by the user who installed the certificate.
However, I installed the cert, so I think it has to do with the fact it's not a private cert but a public one.
Any advice...? Also, this is on Windows Server 2003
Upvotes: 3
Views: 14854
Reputation: 13085
The certificates are usually imported into a registry location, e.g.
HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates
If you are looking for what an application does, then download Microsoft ProcMon, which will allow you to monitor what files and registry locations are touched on a system for an operation.
Upvotes: 0
Reputation: 1
Here is what I have learned with this issue: when you import the .cer file on a Windows Server 2003 box, a pop-up window (screenshot below) will ask about validation. Click YES or you will have the "access to the private key" issue.
Security Warning Screenshot:
That was one thing I noticed, because I had one server out of three on which the pop-up showed, and there I had no issues assigning permissions to NETWORKSERVICE and ASPNET.
A workaround is to export the cert with the key from another server, creating a password. I was able to do this in IIS 7 on the server that the certificate was created for. Once I had the .pfx, I imported it on the other two servers that had this issue and I was able to assign the permissions.
Upvotes: 0
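As an added example (not code from any of the posts above): once a certificate is in LocalMachine\My together with its private key, for instance after the .pfx import described in the last answer, this PowerShell script locates the key container file under MachineKeys and grants an account Read on that one file. It assumes an elevated Windows PowerShell session and a CSP-backed RSA key; `$Subject` and `$Account` are placeholder values.

```powershell
# Added example: locate the MachineKeys file behind a LocalMachine\My certificate
# and grant one account Read on it. Default values below are placeholders.
param(
    [string]$Subject = 'MyCertificate',                  # subject text, as passed to -s in the question
    [string]$Account = 'NT AUTHORITY\NETWORK SERVICE'    # replace with the app pool identity
)

$cert = Get-ChildItem Cert:\LocalMachine\My |
    Where-Object { $_.Subject -like "*$Subject*" } |
    Select-Object -First 1
if (-not $cert) { throw "No certificate matching '$Subject' in LocalMachine\My." }

# A certificate imported from a .cer file carries only the public key,
# so there is no key file on disk to set permissions on.
if (-not $cert.HasPrivateKey) {
    throw "Certificate $($cert.Thumbprint) has no associated private key; import a .pfx that contains it."
}

# Only CSP-backed keys expose the container file name through this property.
$rsa = $cert.PrivateKey
if ($rsa -isnot [System.Security.Cryptography.RSACryptoServiceProvider]) {
    throw "Private key is not CSP-backed; this lookup does not apply."
}
$container = $rsa.CspKeyContainerInfo.UniqueKeyContainerName

# Windows Server 2003 keeps machine keys under All Users\Application Data;
# later versions keep them directly under ProgramData.
$candidates = @(
    (Join-Path $env:ALLUSERSPROFILE 'Application Data\Microsoft\Crypto\RSA\MachineKeys'),
    (Join-Path $env:ALLUSERSPROFILE 'Microsoft\Crypto\RSA\MachineKeys')
)
$keyFile = $candidates |
    ForEach-Object { Join-Path $_ $container } |
    Where-Object { Test-Path $_ } |
    Select-Object -First 1
if (-not $keyFile) { throw "Key container file '$container' not found under MachineKeys." }

# Add a single Read ACE for the account on this key file only,
# leaving the ACL of the MachineKeys folder itself unchanged.
$rule = New-Object System.Security.AccessControl.FileSystemAccessRule($Account, 'Read', 'Allow')
$acl  = Get-Acl -Path $keyFile
$acl.AddAccessRule($rule)
Set-Acl -Path $keyFile -AclObject $acl

"Granted Read on $keyFile to $Account"
```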