Installation guide
Storing and Transporting Certificates
A certificate contains the public half of a key pair, identifying information, and an authenticating signature.
Although none of this information is confidential, you must ensure and maintain the authenticity of
certificates that you distribute so that untrustworthy certificates are never used inadvertently.
You can store a certificate in a format that includes the private key. In that case, the data is sensitive, and
you must safeguard, store, and transport it securely.
NOTE To import or export a certificate to UNIX, use the CSI_ ManageCertificateStore utility provided
with your VCM UNIX Agent installation package.
Access the Windows Certificate Store
To work with certificates on a Windows machine, open the Microsoft Management Console (MMC) and
Certificates snap-in.
Procedure
1. At the command prompt, type mmc.
2. Select File > Add/Remove Snap-in.
3. Select Certificates and click Add.
4. Select Computer account and click Next.
5. Select Local computer and click Finish.
6. Click OK.
Export a Certificate on Windows
One way to export a certificate is through the Microsoft Management Console (MMC).
Prerequisite
Open the certificate store. See "Access the Windows Certificate Store" on page 68.
Procedure
1. In the certificates stores, navigate to the certificate to export.
2. Right click the certificate, and select All Tasks > Export.
3. In the Certificate Export wizard, click Next.
4. If the private key for the certificate is available and exportable, the Export Private Key wizard page
appears, and you can opt to export the private key.
5. On the Export File Format wizard page, if you are exporting the private key, select the PFX format.
Otherwise, select the Base-64 encoded X.509 format.
6. If you are exporting the private key, enter a password to protect the private key. The password is
required when importing the file.
7. Click Next.
8. Browse to the folder where you are storing the exported certificate file.
VCM Security Guide
68
VMware, Inc.