Microsoft KB Archive/834474

= An installed certificate does not appear in the &quot;Select the certificate you want to use&quot; list in Live Communications Server 2003 =

Article ID: 834474

Article Last Modified on 2/9/2004

-

APPLIES TO


 * Microsoft Office Live Communications Server 2003

-





SYMPTOMS
After you install a certificate on your Microsoft Office Live Communications Server 2003 computer, the certificate does not appear in the Select the certificate you want to use list. Therefore, you cannot select that certificate to enable Transport Layer Security (TLS) Mutual authentication.



CAUSE
This issue occurs if you install the certificate in the local user certificate store. Live Communications Server 2003 cannot use certificates that are located in the local user certificate store. This issue may occur if you do not request a computer certificate or if you do not store the certificate in the local computer certificate store. To determine whether the certificate is in the local user certificate store, follow these steps:
 * 1) Click Start, click Run, type mmc in the Open box, and then click OK.
 * 2) On the File menu, click Add/Remove Snap-in.
 * 3) Click Add, click Certificates, click Add, click My user account, click Finish, click Close, and then click OK.
 * 4) Under Certificates - Current User, expand Personal, and then click Certificates.
 * 5) View the right pane to see if the certificate appears.



RESOLUTION
To resolve this issue, request a computer certificate, and then install that certificate in the local computer certificate store. Live Communications Server 2003 requires a certificate that has both server and client authentication attributes. To request a computer certificate, follow these steps:  On the Live Communications Server computer, create a Microsoft Management Console (MMC) snap-in for the Certificates tool. To do this, follow these steps:  Click Start, click Run, type mmc in the Open box, and then click OK. On the File menu, click Add/Remove Snap-in. Click Add, click Certificates, click Add, click Computer account, click Next, click Finish, click Close, and then click OK.  Expand Certificates (Local Computer), expand Personal, right-click Certificates, point to All Tasks, and then click Request New Certificate.</li> In the Certificate Request Wizard, click Next.</li> In the Certificate types list, click Computer, and then click Next.</li> Type a name for the certificate, click Next, and then click Finish.</li> When you receive the following message, click OK:

The certificate request was successful.

</li></ol>

This new certificate appears in the Select the certificate you want to use list in the Select Certificate dialog box in Live Communications Server 2003.

For additional information about how to request or about how to install a certificate, see Windows Server 2003 Help and Support.

<div class="moreinformation_section">

MORE INFORMATION
If you install a Web Server certificate in the certificate store of the local computer, that certificate appears in the Select the certificate you want to use list in the Select Certificate dialog box in Live Communications Server 2003. However, if you select this certificate and then click OK, you receive the following error message:

Live Communications Server requires a certificate that has both Server and Client Authentication attributes as part of its Enhanced Key Usage (EKU). Please select a new one.

<div class="references_section">