Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Question
Wednesday, January 23, 2013 5:41 AM
Good evening,
I have a freshly installed Windows Server 2012 Standard. I have the GUI installed, but nothing else other than the basics.
I am intending to run a custom TCP application server on this system and I need to install a security certificate. However, I am unable to import the .p12 or .pfx files I have from two different providers regardless of what method I try to use. If I just double click on the file in Windows Explorer I get the following message:
- Invalid Public Key Security Object File
- This file is invalid for use as the following: Personal Information Exchange.
If I try to import the file via the certificate manager I get this message:
- Certificate Import Wizard
- The file type is not recognizable. Select another file.
I am able to import the above all ok on any previous version of Windows Server, and also in Windows 8 or Windows 7.
I have the impression that by default some underlying feature is not installed that is required for this to work; but I have not been able to find any documentation on this, anyone else with the same problem, and browsing the complete list of features doesn't present anything that sounds like it should be installed for this to work.
Thank you very much for any help anyone can provide.
All replies (2)
Saturday, January 26, 2013 5:05 AM âś…Answered | 2 votes
Hello again,
Just posting an update for anyone else finding this later. This issue was resolved for us by Microsoft Support.
The problem was something related to server's security settings, however it was unclear in the end which setting was the issue as we finally executed a script that reset all of the servers security settings system wide. Such a script would have drastic repercussions on a highly configured server. However, as my server was freshly installed and only a handful of items where configured, it wasn't a big deal for us to do so.
The following command (executed from a command prompt) is what reset all of the security settings. As described above, this would really make a mess on some/most servers.
secedit /configure /cfg %windir%\inf\defltbase.inf /db defltbase.sdb /verbose
Cheers
Monday, January 28, 2013 2:57 AM
Thank you for sharing the solution.