Exporting Certificates to Client Machines (Workflow Manager 1.0)
Updated: July 17, 2012
If you want clients to be able to connect to a Workflow Manager management endpoint or Service Bus gateway to configure an auto generated SSL certificate, export the auto generated SSL certification authority (CA) and revocation list (CRL) to those clients. Use the following procedure:
On the machine where server is installed open the Workflow Manager PowerShell console and use Get-WFAutoGeneratedCA cmdlet to export the Certification Authority and Revocation list. If you do not provide file names, this cmdlet will export Certification Authority to AutoGeneratedCA.cer, and revocation list to AutoGeneratedCA.crl files.
Copy the files to the client machine.
On the client machine open an MMC window, and add the Certificates snap-in, pick the Computer Account and Local Computer options when asked.
In the MMC window, right click the Certificates\Trusted Root Certification Authorities, open All Tasks, and select Import. Select the AutoGeneratedCA.cer file and import it.
In the MMC window, right click the Intermediate Certification Authorities and import the CRL files. Select the AutoGeneratedCA.crl file and import it.
At this point you should be able to trust connections from that particular client. The CER format exports only the public key, not the private key.