Certificate Permissions

There’s a few instances where I’ve needed to install certificates and grant nominated accounts rights to open them (including the private key) – mainly for Microsoft cloud solutions for Live@Edu and Office365.

This relies on the winhttpcertcfg tool (download here) and once installed uses the following command line to grant rights over a certificate:

Which in this instance, looks up the certificate with the friendly name “my_cert” and grants “my_account” rights over it.

What’s occasionally useful, is to import the cert on behalf of a specific user via:

Which notationally opens the certificate held in my_cert.pfx (password = pfx_password) and adds it to the correct cert store for my_account to access it.


Details of the full command line can be found over at MSDN.

This entry was posted in Certificate, Snippets, Tools and tagged , , , , , , , , , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *