반품
-
제목
The Administration Service could not find the certificate in the Windows Certificate Store -
설명
When configuring Mail Setup with Modern Authentication for Active Roles using a custom certificate the following error below is experienced.
"The Administration Service could not find the certificate in the Windows Certificate Store"
-
원인
The custom certificate was not imported or doesn't exist in the Personal store of the Active Roles Service Account. -
해결 방안
Solution 1
Log in to Windows with the service account for Active Roles and import the custom certificate into the Personal store location.
Solution 2
If a gMSA account is being used or the service account doesn't allow interactive logon, the certificate will need to be imported using either PowerShell or PsExec.
- PowerShell
- Open PowerShell as a different user
- Log in with the Active Roles Service Account;
- Execute the following cmdlets below
- $mypwd = Get-Credential -UserName 'Enter password below' -Message 'Enter password below'
- Import-PfxCertificate -FilePath C:\mypfx.pfx -CertStoreLocation Cert:\CurrentUser\My -Password $mypwd.Password
- PsExec
- Download PsExec from the Microsoft website;
- Extract PsExec and run the following cmdlet on the prompt
- PSExec64.exe -i -u domain\gMSA$ -p ~ cmd.exe
- Once the new Widows prompt is opened type the following certmgr.msc
- Import the certificate along with the private key;
-
추가 정보
For further details on how to use PsExec please engage Microsoft.