From WikiWiki
Jump to navigation Jump to search

certmgr.msc - user store certlm.msc - local machine store

Name Content Comment
Personal Certificates associated with private keys to which you have access. These are the certificates that have been issued to you, or to the computer or service for which you’re managing certificates. Example
Trusted Root Certification Authorities Implicitly trusted CAs. Includes all of the certificates in the Third-Party Root CAs store plus root certificates from your organization and Microsoft. If you’re an administrator and want to add third-party CA certificates to this store for all computers in a Windows .NET Active Directory domain, you can use Group Policy to distribute trusted root certificates to your organization. Example
Enterprise Trust A container for certificate trust lists. A certificate trust list provides a mechanism for trusting self-signed root certificates from other organizations and limiting the purposes for which these certificates are trusted. Example
Intermediate Certification Authorities Certificates issued to subordinate CAs. Example
Active Directory User Object Certificates associated with your user object and published in Active Directory. Example
Trusted Publishers Certificates from CAs that are trusted by Software Restriction policies. Example
Untrusted Certificates Contains certificates that have been explicitly identified as untrusted. Example
Third-Party Root Certification Authorities Trusted root certificates from CAs other than Microsoft and your organization. Example
Trusted People Certificates issued to people or end entities that are explicitly trusted. Most often these are self-signed certificates or certificates explicitly trusted in an application such as Microsoft Outlook. Example
Client Authentication Issuers Example new in 2012 R2
Certificate Enrollment Requests Pending or rejected certificate requests. Example
Smart Card Trusted Roots Example Example



  • AddressBook: Certificate store for other users.
  • AuthRoot: Certificate store for third-party certification authorities (CAs).
  • CertificationAuthority: Certificate store for intermediate certification authorities (CAs).
  • Disallowed: Certificate store for revoked certificates.
  • My: Certificate store for personal certificates.
  • Root: Certificate store for trusted root certification authorities (CAs).
  • TrustedPeople: Certificate store for directly trusted people and resources.
  • TrustedPublisher: Certificate store for directly trusted publishers.