Kirk Evans Blog

.NET From a Markup Perspective

WSE 2.0 and the Other People store in Windows Server 2003

When you start to work with WSE, you will often see directions to import the public key portion of an X.509 certificate into the “Other People” store.  For example, using Windows Server 2003 to set up the samples in the WSE 2.0 SDK and the sample certificates provided by WSE 2.0, you open up the Certificates MMC snap-in and… no “Other People” store is present under the Current User store.

You can use the “certutil” command-line utility to import a certificate into the Current User/Other People store.  Make sure you use -user as this places the certificates into the per user certificate store. Without this flag certutil defaults to the local machine store which requires admin privileges to write.

certutil -user -addstore -f  “AddressBook” certfiletoimport.cer

The Other People store is actually referenced as “AddressBook”.  You don’t want to run certutil with “Other People” as the store name, because this is not the same thing.  This also explains the “AddressBook” constant value for the OtherPeople field in the Microsoft.Web.Services2.Security.X509.X509CertificateStore class.

See the Windows Server 2003 TechCenter for more information on How Certificates Work.