This session, we will take a look at two ways to access the certificate store on your physical machine.
Use Microsoft Management Console(MMC) snap-in
1. type "mmc
" in your cmd windows.
2. On the File
menu, click Add/Remove Snap In
.
3. Select "Certificate
" in the list, click "Add
". You have three options to select.
4. Then click "Finish
". The certificates will be shown similar to below picture. I have added "My user account
"(Current User) and "Computer account
"(Local Computer) (requires admin right).
As the above picture shows, under Trusted Root Certification Authorities, there are a list of the root CA. Most of them are installed by windows during the installation.
5. If you want to know where these cerficates are stored, you can change the display option. Select "View
" -> "Options
". But please make sure select the first level sub-root, such as the graph shows, "Certificates(Local Computer)". Then check the "Physical certificate stores
".
You can see that the trusted root certifiates can be stored in Registry, Group Policy and even Smart Card.(Not sure here Third-Party?)
6. As we mentioned that each certificate when issued by CA has its own purpose. So in the options dialog, you can also choose the View mode
as "Certificate Purpose
". We can see from below graph that certificate can be used to "Server Authentication", "Client Authentication", "Code Signing", etc.
7. Select the certificate you are interested in, then right click mouse, you can select to view/copy/cut/delete it.
Use Internet Explorer(IE)
This is also quite simply.
1. Start your IE.
2. click Tools
, then click Internet Options
to display the Internet Options
dialog box.
3. Click the Content
tab.
4. Under Certificates
, click Certificates
.
Ref:
http://msdn.microsoft.com/en-us/library/ms788967.aspx