Create an association between the signed AD CS certificate and the keypair in the Windows Certificate Store

2min

This section explains how to associate the signed AD CS certificate with its corresponding private key stored in your Windows account profile. Before making this association, you must import the CA certificate that issued the AD CS certificate into the Trusted Root Certification Authorities Windows Certificate Store.
Import the CA Certificate that issued the AD CS Certificate into the Trusted Root Certification Authorities Store
1
On the computer where you plan to install Microsoft AD CS, open the Manage computer certificates program.
2
Right-click the Trusted Root Certification Authorities store and select All Tasks > Import.
3
Follow the steps in the Certificate Import Wizard to import the Root CA certificate file that you exported from the KMES and moved to this computer in the previous section.
A confirmation message displays if the import succeeds.
Associate the signed AD CS certificate with its corresponding private key stored in your Windows account profile
1
Open either the command prompt or PowerShell.
2
Go to the directory where you saved the signed AD CS certificate file.
3
Run the following command to create an association between the signed AD CS certificate and its corresponding key pair stored in your Windows account profile:
PowerShell
certreq -accept -machine signed_adcs_cert.pem
certreq -accept -machine signed_adcs_cert.pem
﻿
If the command succeeds, information about the installed certificate displays.
﻿

Updated 17 Feb 2024

Did this page help you?

Configure KMES Series 3

Install and configure the FXCL CNG