Manage User Account Permissions for SSL Certificate - Solution Configuration Manager - 23.1 - 23.1 - Brainware - external - Brainware/Solution-Configuration-Manager/23.1/Solution-Configuration-Manager-Installation-Guide/Configure-SSL-Settings-manually/Manage-User-Account-Permissions-for-SSL-Certificate - 2025-05-05

Solution Configuration Manager Installation Guide
Platform
Brainware
Product
Solution Configuration Manager
Release
23.1
License
The SCM Pool user must have permission (at least read permission) to the private and public key of the SSL certificate.This section describes how to verify or add permission to the private and public keys of an SSL certificate for a user or a group.

You need to perform these steps only when you want to use a preexisting certificate at the time of SCM installation. To verify or add permission for a user or a group, complete the following steps.

  1. Type mmc in the Windows search bar and press Enter to open Microsoft Management Console. The Console1 - [Console Root] window is displayed.
  2. Click File > Add/Remove Snap-in. The Add or Remove Snap-ins dialog box is displayed.
  3. Select Certificates and then click Add. The Certificates snap-in pop-up window is displayed.
  4. Select Computer account and then click Next. The Select Computer dialog box is displayed.
  5. Select Local computer (the computer this console is running on) > Finish. The Add or Remove Snap-ins dialog box is displayed.
  6. Click Ok and then on the left navigation pane, expand Certificates > Personal and then click Certificates. The certificates on your system are displayed.
  7. Right-click on the certificate to which you want to add user permission and then click All Tasks > Manage Private Keys.
  8. The Permissions for (name of certificate) private keys dialogue box is displayed.
  9. If the user or group does not exist in the Security tabbed area, then click Add to add user or group.

    Enter appropriate location, user or group name in the text box, click Check Names and then click OK.

  10. The new user (in this example "Network Service") has been added to the list under the Security tabbed area.
  11. In the permission area, provide either Read or Full Control permissions by selecting the check boxes under Allow. Click OK.
  12. Restart IIS.

By following these steps, you ensure that the SCM Pool user has the necessary permissions to access the private key of the new certificate (replaced SCMCertificate). This step is crucial for the proper functioning of the SCM application after replacing the default certificate.

If you replaced the default certificate and did not set the correct permissions, you might encounter issues with accessing encrypted passwords or other secured functionality in the SCM application. By granting the appropriate permissions, these issues can be avoided.