A Secure Sockets Layer, also known as an SSL, is a standard security technology for establishing an encrypted link between a server and a client. Manipulating isn’t all that easy, and it can usually result in error messages if not done right.
Download DriverFix (verified download file).
Click Start Scan to find all problematic drivers.
Click Update Drivers to get new versions and avoid system malfunctionings.
DriverFix has been downloaded by 0 readers this month.
One good example is when you try to import a Secure Sockets Layer (SSL) private key certificate file into the local computer personal certificate store.
Many users reported having issues when trying to do so, and have reported receiving the following error message:
Luckily enough, there are solutions to these problems, and we have listed them in a step-by-step manner below.
An internal error occurred. This can be either the user profile is not accessible or the private key that you are importing might require a cryptographic service provider that is not installed on your system.
Note: This article contains information about how to modify the registry. Make sure to back up the registry before you modify it. Make sure that you know how to restore the registry if a problem occurs. For more information about how to back up, restore, and modify the registry, click the following article.
How do I import an SSL private key without errors?
According to Microsoft, there are 3 main causes for why this error occurs:
- You have insufficient permissions to access the following folders:
- DriveLetter:\Documents
- Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys
- A third-party registry subkey exists that prevents IIS from accessing the cryptographic service provider
- You are logged on to the computer remotely through a Terminal Services session, and the user profile is not stored locally on the server that has Terminal Services enabled.
As you can imagine, by knowing what causes the issue, it is now easy to figure out what the logical fixes are.
- DriveLetter:\Documents
- Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys
1. Reset permissions for the MachineKeys folder
- Right-click the MachineKeys folder
- Click Advanced on the Security tab
- Click View/Edit
- Select the Reset Permissions on all Child objects and enable propagation of inheritable permissions checkbox
2. Delete the third-party registry subkey
- Press Windows + R
- Type in regedit.exe
- This will open the Registry Editor
- If the following registry subkey exists, delete it:
- HKEY_USERS\Default\Software\Microsoft\Cryptography\Providers\Type 001
Can’t access the Registry Editor? Check out this in-depth guide for more info on the matter.
This will open the Registry Editor
HKEY_USERS\Default\Software\Microsoft\Cryptography\Providers\Type 001
3. Store the user profile for the Terminal Services session locally
If this seems to be the case, ask your IT administrator to simply move the user profile to the server that has Terminal Services enabled. Alternatively, you can also use roaming profiles.
By following these steps, you should now be able to import an SSL private key certificate file into the local computer personal certificate store without any more error messages.
If you’re aware of a solution we may have missed out on, share it in the comments section below so that other users can try it, as well.
- Fix: User Profile Sync is not currently provisioned
- User profile Home Folder doesn’t map: Quick Fix
- Fix: User profile is not ready for dictation in Dragon
If the advices above haven’t solved your issue, your PC may experience deeper Windows problems. We recommend downloading this PC Repair tool (rated Great on TrustPilot.com) to easily address them. After installation, simply click the Start Scan button and then press on Repair All.
Still having issues? Fix them with this tool:
SPONSORED
- IIS 6 web server
Email *
Commenting as . Not you?
Comment
