BizTalk Administration: Certificate locations
x509 certificates are used throughout BizTalk for various reasons, but configuring their usage is not always straight forward. Here is an index of where to put your certificates for them to be selectable, and then to be usable.
For selection | For using | |
---|---|---|
Parties | Local Computer "Other People" store on the system running the administration console | Not required, as the client sends a copy with the connection. |
Send Port | Local Computer "Other People" store on the system running the administration console | |
WCF Send Server | Your/Current admin user "Personal" store on the system running the administration console | Local Computer "Other People" store on the system running the administration console |
WCF Send Client | Your/Current admin user "Personal" store on the system running the administration console |
"Personal" store under the service account running the send port on the application host |
Service Account Personal Store
Installing certificates into the personal store of a service-account is easier said that done. Personally, I find this approach the quickest:
- Find an Internet Explorer shortcut (e.g. Click start, right click on IE and select 'Open file location'
- Hold Shift and right click on the shortcut
- Select Run as different user
- Enter the credentials for the server account
- In IE, click on Settings, Internet Options
- Navigate to the Content tab
- Click Certificates
- On the Personal tab, import your certificate/key pair (no need to mark as exportable).