Viewing Information About Certificates

When you double-click a certificate, or right-click the certificate, and then click Open , the Certificate dialog box appears, in which you can view the following:

  • General information

  • Details information

  • Certification path information

Figure 16.14 is an example of the General dialog box.

Cc962071.DSCJ15(en-us,TechNet.10).gif

Figure 16.14 Certificate General Dialog Box

The Certificate General dialog box lists general information about the certificate, including the intended purposes of the certificate, the issuing CA, and the validity dates. If there is a problem with the certificate, a warning message with additional information appears in the dialog box. Issuer Statement is grayed out because the issuing CA does not provide a statement. However, if the issuing CA provides a statement, you can click Issuer Statement to obtain additional information about the certificate from the issuing CAs Web site.

Figure 16.15 is an example of a Certificate Details dialog box.

Cc962071.DSCJ14(en-us,TechNet.10).gif

Figure 16.15 Certificate Details Dialog Box

The Certificate Details dialog box shows the information that is contained in the certificate, such as Version , Valid to , and Friendly Name (not shown). When you select an item in the Field column, the contents of the Value column for that item appear in the display box at the bottom of the dialog box. For example, in Figure 16.15, Valid to is selected and "Tuesday, December 31, 2002 12:00:00 AM" appears in the display box.

You can click Edit Properties to edit the Friendly Name and Description for the certificate, which appear in the Certificates console. You can also click Edit Properties to restrict the purposes for which the certificate can be used. By default, all of the purposes that are listed in the certificate are enabled. However, you can choose to disable all purposes (thus making the certificate invalid), or you can choose to trust the certificate for specific purposes only. For example, if a certificate is valid for code signing, secure mail, and secure Web communications, you can choose to trust it for secure mail only.

You can click Copy to File to export the certificate. If key export is enabled for the certificate, you also have the option of exporting the private key.

Figure 16.16 shows an example of a Certification Path dialog box.

Cc962071.DSCJ13(en-us,TechNet.10).gif

Figure 16.16 Certificate Certification Path Dialog Box

The Certificate Certification Path dialog box provides a graphic representation of the certification path and lists the trust status of the certificate. The Certificate status box describes the status of the certificate. If there is a problem with the certificate or the path, a warning appears in the Certificate Certification Path dialog box with information that explains the problem. Common problems include the parent certificate not being in the Trusted Root Certification Authorities store or a certificate in the Certification path box that does not validate properly. You can select a certificate in the Certification path box and click View Certificate to view information about the selected certificate.