Storing client certificates in the Microsoft Certificate store
You must complete the following steps before you can store the client certificate in the Microsoft Certificate store:
1. On the Security Server, locate the Client Certificate PKCS #12 file (.PFX). This file can be found in the following location:
C:\Program Files\BlueZone Security Server\Certs\New
The Certificate Name that was used during the certificate generation process, is used as the file name.
2. Copy the desired .PFX file to a diskette, email it to the end user, or otherwise make it available to the end user in a secure fashion.
Note
For maximum security, you can personally hand this file to the end user. The whole purpose of using Client Certificates is to insure the identity of the end user.
3. Provide the end user with the Private Key password that was used during the Client Certificate generation process. This password is needed by the end user during BlueZone client authentication.
Note
For security reasons, it is recommended that you provide the Private Key password to the end user in such a way that it is not part of or included with the distribution of the .PFX file.
Follow the steps below to configure the BlueZone client to store the client certificate in the Microsoft Certificate store:
1. On the end user's machine, launch the desired BlueZone client. From the menu bar, click Session Configure Configure to display the Connections window.
2. Highlight the desired connection from the Connection List.
3. Click the Security tab to display the Security Options and ensure the Enable Secure Sockets Layer check box is selected.
4. Click the Certificate tab and select the Client Certificate in Certificate Store option.
5. Launch Internet Explorer.
6. From the Internet Explorer menu bar, click Tools Internet Options. The Internet Options window appears.
7. Click the Content tab and click Certificates.
8. Click Import. The Certificate Import Wizard appears.
9. Click Next.
10. Click Browse and locate the .PFX file. You may have to select .PFX from the Files of Type drop-down menu.
11. Select the .PFX file and click Open.
12. Click Next.
13. Provide the Private Key password that was used to create the certificate.
14. Select the Mark this key as exportable check box.
15. Click Next.
16. Select the Place all certificates in the following store radio button and Personal is selected as the Certificate store.
17. Click Next. A summary of your selections appears.
18. Click Finish. A message appears stating that the importation was successful.
19. Close the Wizard and close Internet Explorer.
20. Test the connection by making a connection to the Security Server.