Submit a ticketCall us

Cloud Workloads: Meet Your New Hybrid IT Reality
Have you found yourself in that evolving, hybrid IT grey area and wondering if cloud workloads are now part of your purview? And if so, will monitoring cloud workloads require a new set of dedicated cloud monitoring tools? Your answers: yes, they should be, and no, they don’t.

Find out how SolarWinds® Server & Application Monitor (SAM) can help you monitor your cloud workloads side by side with your on-premises workloads. Register Now.

Home > Success Center > Web Performance Monitor (WPM) > WPM cannot include the selected certificate in the recording because the private key cannot be exported

WPM cannot include the selected certificate in the recording because the private key cannot be exported

Updated November 16, 2017

Overview

This article will provide solution for the issue were the WPM recorder is getting a warning message when importing a 3rd party certificate:

WPM cannot include the selected certificate in the recording because the private key cannot be exported. Import the certificate locally with a private key that can be exported or install the certificate on all computers where that recording will be played.

 

Environment

WPM 2.2.x

Cause 

The installed certificate on the WPM recorder machine does not have the option to allow the primary key to be exportable.

Resolution

  1. Install the certificate of the website to be monitored on where you are running the WPM recorder.
    Note: the certificate must be in .pfx format. This format includes the primary key as part of the certificate export of the WPM recorder.
  2. Include the 'Mark this key as exportable' option. This will allow the WPM recorder to export the primary key of the certificate. See the option below:
    Note: make sure that you select the two options below:
  3. Install the certificate on the Personal, Trusted root certificate authority, Enterprise trust, and Trusted publishers store.
  4. Re-run the WPM recorder and add the selected certificate. You should not get the error this time.
  5. Another issue can occur if IE prompts for the certificate. WPM uses IE options and will not be able to detect he certificates on playback. To correct this issue:
  6. By default, IE displays the following prompt when you try to access a website secured with a certificate:
    Windows Security Confirm Certificate: Confirm this certificate by clicking OK.
    If this is not the correct certificate, click Cancel
  7. Ensure that when you installed the certificate you didn’t have the Enable strong private key protection. You will be prompted every time the private key is used by an application if you enable this option. This may mean you have to reinstall the certificate on the client PC without the box ticked.
  8. From IE's Tools menu - choose Internet Options.
  9. Click the Security tab.
  10. Click the Custom Level button.
  11. Locate the setting: Don't prompt for client certificate selection when no certificates or only one certificate exists, and click the Enable radio button.
  12. Set in Internet Explorer the option.
  13. Group Policy can also be set or override the local IE options.
  14. Enable the following GPO, then do a gpupdate /force or reboot the PC that is asking you to confirm the certificate:
    Computer Configuration > Policies > Administrative Templates > Windows Components > Internet Explorer > Internet Control Panel > Security Page > (Zone the website is in) > Do not prompt for client certificate selection when no certificate or only one certificate exists.
  15. Be sure to enable the policy, then set the dropdown to enabled after enabling the policy.

 

 

Last modified

Tags

Classifications

Public