Register certificates for Message Queuing

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2

To register certificates for Message Queuing

  1. Open Computer Management.

  2. In the console tree, right-click Message Queuing.

    Where?

    • Computer Management/Services and Applications/Message Queuing
  3. Click Properties.

  4. In the Message Queuing Properties dialog box, click the User Certificate tab, and then under User certificates, click Register.

  5. In the Personal Certificates dialog box, click a certificate, and then click Register.

Notes

  • To open Computer Management, right-click My Computer, and then click Manage.

  • Your computer must have access to Active Directory to perform this task.

  • During setup, an internal user certificate is automatically created for you on the local computer and is registered in Active Directory the first time you log on to the local computer in a domain provided your computer can communicate with a domain controller when you log on.

  • If no internal certificate exists, such as when the internal certificate is removed, this procedure creates a new internal certificate, which you can register. You can also use this procedure to register an external certificate after you import it.

  • If a certificate registered on the local computer is removed from a remote computer, the record of the certificate is removed from Active Directory, but the certificate will still exist on the local computer.

  • By default, users have permission to register certificates for Message Queuing. However, if default user permissions are changed, this might affect your ability to register certificates. For registering certificates, the user object requires the Write Personal Information permission in the Active Directory.

  • Active Directory sets a multi-valued attribute limit of approximately 800 user certificates for a specific user account. This limit is usually exceeded when obsolete user certificates have not been deleted from Active Directory. If multiple certificates exist for a user account, only the latest is used, and obsolete certificates can be deleted. For instructions, see Remove certificates for Message Queuing.

Information about functional differences

  • Your server might function differently based on the version and edition of the operating system that is installed, your account permissions, and your menu settings. For more information, see Viewing Help on the Web.

See Also

Concepts

Authentication for Message Queuing
Remove certificates for Message Queuing
Renew certificates for Message Queuing
Working with MMC console files