Importing an SPC into a Certificate Store

Once a Personal Information Exchange (.pfx) file is created to store a Software Publisher Certificate (SPC) and its private and public keys, the .pfx file must be imported into the Personal certificate store on the signing computer. For more information about .pfx files, see Personal Information Exchange (.pfx) Files.

To import a .pfx file into the local Personal certificate store, do the following:

  1. Start Windows Explorer and select and hold (or right-click) the .pfx file, then select Open to open the Certificate Import Wizard.

  2. Follow the procedure in the Certificate Import Wizard to import the code-signing certificate into the Personal certificate store.

The certificate and private key are now available for SignTool to use.

Starting with Windows Vista, an alternative way to import the .pfx file into the local Personal certificate store is with the CertUtil command-line utility. The following command-line example uses CertUtil to import the abc.pfx file into the Personal certificate store:

certutil -user -p pfxpassword -importPFX abc.pfx

The arguments used are:

  • The -user option specifies "Current User" Personal store.

  • The -p option specifies the password for the .pfx file (pfxpassword).

  • The -importPFX option specifies name of the .pfx file (abc.pfx).

Once the .pfx file is imported into the Personal certificate store on the signing computer, you can use SignTool to release-sign driver packages.

Alternatively, you can use certlm.msc, which provides a graphical interface for installing or managing certificates. To open certlm.msc, type the name in the Run dialog box or the command prompt.