Problem Importing a certificate using trusted domain ID

Question

question

Yankee30 asked Oct 26, '21 LimitlessTechnology-2700 answered Oct 27, '21

Problem Importing a certificate using trusted domain ID

Dmz.com and internal.com domains are in external trust

Logged into a server W2k19.dmz.com(behind LB/FW) domain with a user id from internal.com domain internal\UserA
When trying to import a certificate using current user account it gives me an error.

Error: An internal error occurred. Either the user profile is not accessible or the private key that you are importing might require a cryptographic service provider that is not installed on your system.

Also if I move the same server to a network not be behind LB and log in with a user id from internal.com domain internal\UserA. Importing a certificate using current user account works just fine.

But if I log in to the same server W2k19.dmz.com using id from same domain Dmz\UserB and try to import the certificate using current user account it works just fine.

I’m thinking something on the LB or firewall is blocking but what could it be ?

windows-active-directory windows-server-2019

5 |1600 characters needed characters left characters exceeded

Attachments: Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Answer 1 · 2021-10-27T07:48:06.057Z

LimitlessTechnology-2700 answered Oct 27, '21

Hello Yankee30,

Recently Microsoft published an article regarding this known issue and how to workaround:

Error when you import an SSL .pfx file into the local computer personal certificate store by using IIS Manager
https://docs.microsoft.com/en-us/troubleshoot/iis/cannot-import-ssl-pfx-local-certificate

--If the reply is helpful, please Upvote and Accept as answer--

5 |1600 characters needed characters left characters exceeded

Attachments: Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

question