Jasinski Technical Wiki


Home Page
All Pages

Quick Search
Advanced Search »

Contributor Links

Create a new Page
File Management
Your Profile

Other Wiki Sections



Binding the Private Key to an SSL Certificate

Modified on Mon, Sep 13, 2021, 8:12 AM by Administrator Categorized as Uncategorized


You've installed an SSL certificate on a Windows server, but the certificate is not associated to its private key.


You can tell an SSL certificate is not associated to its private key in two places.

(1) In Certificate Management, the icon for the certificate is missing the "key" in the upper left corner.

(2) In the properties for the certificate (seen when double-clicking either the certificate), the "You have a private key that corresponds to this certificate." is missing.


  1. Open the Certificate Console. See this article for details how.
  2. Double-click the certificate and get the thumbprint of the certificate.
  3. Issue the following command on the server: certutil -repairstore my "thumbprint"
  4. When you see the response: "CertUtil: -repairstore command completed successfully" you should have a private key associated. NOTE: You may have to refresh the Microsoft Management Console window to see the private key on the certificate.
  5. The certificate should now be available for use.

Screen Shots

Certificate Management

Certificate Management

Certificate Properties

Certificate Properties


ScrewTurn Wiki version Some of the icons created by FamFamFam. Except where noted, all contents Copyright © 1999-2024, Patrick Jasinski.