Sounds oddly similar to the problem I've got, under the heading: SSL problems
with Vista. Only solution I've got is to keep an XP/2003 machine around and
export from that one, which is obviously a PITA. And we're using 32-bit.

I just can't figure it out, I thought it must be some weird GPO setting but
I tried completely disabling all GPOs and it still doesn't work. But yet on
XP SP2/2003 SP1 with IE7, it all works fine.

Is there some fundamental difference in the way Vista handles CAs and
certificates?

Steve.

"mlai" wrote:

> Just an observation:
> I tried obtaining SSL certs with Vista thru Thawte (their free personal
> email certs). I had to put www.thawte.com in a Trusted Zone and disable
> protected mode for the trusted zone for it to work. However, when I import
> the issued certificates, I do not get an option to mark the private key as
> exportable and consequently, I cannot export the cert for backup and
> installation on my laptop.
>
> If I request the cert from XPSP2 (also IE7), I can mark the cert as
> exportable and can export the cert in PFX format to be used on another
> machine. The process is completely identical but it works on XPSP2 but not
> Vista RTM (I am on x64).
>
> Can anybody shed some light on this? It will be a major problem as I will
> be moving to a pure Vista environment soon for my home network (which has 7
> machines......)
>
> Please help.
> TIA.
>