Submit a ticketCall us

WebinarUpcoming Webinar: How Help Desk and Remote Support Pays for Itself

Learn how help desk software can simplify ticketing management, allow you to track hardware and software assets, and accelerate the speed of IT support and service delivery. Gain insights on how remote support tools allow your IT team to maximize their efficiency and ticket resolution by expediting desktop troubleshooting, ultimately helping keep end-users happy and productive.

Register here.

Home > Success Center > Web Performance Monitor (WPM) > WPM - Knowledgebase Articles > WPM cannot include the selected certificate in the recording because the private key cannot be exported

WPM cannot include the selected certificate in the recording because the private key cannot be exported

Updated November 16, 2017

Overview

This article will provide solution for the issue were the WPM recorder is getting a warning message when importing a 3rd party certificate:

WPM cannot include the selected certificate in the recording because the private key cannot be exported. Import the certificate locally with a private key that can be exported or install the certificate on all computers where that recording will be played.

 

Environment

WPM 2.2.x

Cause 

The installed certificate on the WPM recorder machine does not have the option to allow the primary key to be exportable.

Resolution

  1. Install the certificate of the website to be monitored on where you are running the WPM recorder.
    Note: the certificate must be in .pfx format. This format includes the primary key as part of the certificate export of the WPM recorder.
  2. Include the 'Mark this key as exportable' option. This will allow the WPM recorder to export the primary key of the certificate. See the option below:
    Note: make sure that you select the two options below:
  3. Install the certificate on the Personal, Trusted root certificate authority, Enterprise trust, and Trusted publishers store.
  4. Re-run the WPM recorder and add the selected certificate. You should not get the error this time.
  5. Another issue can occur if IE prompts for the certificate. WPM uses IE options and will not be able to detect he certificates on playback. To correct this issue:
  6. By default, IE displays the following prompt when you try to access a website secured with a certificate:
    Windows Security Confirm Certificate: Confirm this certificate by clicking OK.
    If this is not the correct certificate, click Cancel
  7. Ensure that when you installed the certificate you didn’t have the Enable strong private key protection. You will be prompted every time the private key is used by an application if you enable this option. This may mean you have to reinstall the certificate on the client PC without the box ticked.
  8. From IE's Tools menu - choose Internet Options.
  9. Click the Security tab.
  10. Click the Custom Level button.
  11. Locate the setting: Don't prompt for client certificate selection when no certificates or only one certificate exists, and click the Enable radio button.
  12. Set in Internet Explorer the option.
  13. Group Policy can also be set or override the local IE options.
  14. Enable the following GPO, then do a gpupdate /force or reboot the PC that is asking you to confirm the certificate:
    Computer Configuration > Policies > Administrative Templates > Windows Components > Internet Explorer > Internet Control Panel > Security Page > (Zone the website is in) > Do not prompt for client certificate selection when no certificate or only one certificate exists.
  15. Be sure to enable the policy, then set the dropdown to enabled after enabling the policy.

 

 

Last modified

Tags

Classifications

Public