Importing a wildcard certificate into the Personal store for the local computer
To import a wildcard certificate into the Personal store for the local computer
Copy the file containing the exported wildcard certificate to the Microsoft Forefront Threat Management Gateway computer.
Click Start, click Run, type mmc in the Open text box, and then click OK.
In the Console1 window, click the File menu, and then click Add/Remove Snap-in.
In the Add or Remove Snap-ins dialog box, select Certificates, and then click Add.
On the Certificates snap-in page, select Computer account, and then click Next.
On the Select Computer page, select Local computer, and then click Finish.
In the Add or Remove Snap-ins dialog box, click OK.
In the console tree, expand the Certificates (Local Computer) node. Right-click the Personal node, point to All Tasks, and then click Import.
On the Welcome to the Certificate Import Wizard page, click Next.
On the File to Import page, click Browse, and then locate and select the certificate file that you copied to the local Forefront TMG computer. Click Next after the selected file name appears in the File name text box.
On the Password page, type the password that you assigned to the certificate file in the Password text box, and then select Mark this key as exportable.
On the Certificate Store page, verify that Place all certificates in the following store is selected, and then click Next.
On the Completing the Certificate Import Wizard page, click Finish.
On the Certificate Import Wizard dialog box informing you that the import was successful, click OK.
In the console tree, expand the Personal store, and then click Certificates.
In the details pane, double-click the wildcard certificate. On the Certification Path tab, you should see the name of the certification authority (CA) that issued the certificate at the top of the list. If you do not, restart the Forefront TMG computer and open this snap-in. If the CA name does not appear at the top of the list, the root CA certificate is not installed in the Trusted Root Certification Authorities store. Because we installed an enterprise CA and the Forefront TMG computer is a member of the same domain as the enterprise CA, the root CA certificate should be automatically added to the Trusted Root Certification Authorities store.
Expand the Trusted Root Certification Authorities store. In the details pane, you should see the name of the CA that issued the wildcard certificate.
Close the MMC console and do not save the changes.
After you successfully complete this procedure, the next task is to remove the wildcard certificate from the Web server on which it was obtained. For instructions, see Removing a wildcard certificate from a Web server.