To replace a default HTML Access Agent certificate with a CA-signed certificate, you must import the CA-signed certificate into the Windows local computer certificate store. Perform this procedure on each remote desktop where the HTML Access Agent is installed.



  1. In the MMC window on the remote desktop, expand the Certificates (Local Computer) node and select the Personal folder.
  2. In the Actions pane, go to More Actions > All Tasks > Import.
  3. In the Certificate Import wizard, click Next and browse to the location where the certificate is stored.
  4. Select the certificate file and click Open.
    To display your certificate file type, you can select its file format from the File name drop-down menu.
  5. Type the password for the private key that is included in the certificate file.
  6. Select Mark this key as exportable.
  7. Select Include all extendable properties.
  8. Click Next and click Finish.
    The new certificate appears in the Certificates (Local Computer) > Personal > Certificates folder.
  9. Verify that the new certificate contains a private key.
    1. In the Certificates (Local Computer) > Personal > Certificates folder, double-click the new certificate.
    2. In the General tab of the Certificate Information dialog box, verify that the following statement appears: You have a private key that corresponds to this certificate.

What to do next

If necessary, import the root certificate and intermediate certificates into the Windows certificate store. See Import Root and Intermediate Certificates for the HTML Access Agent.

Configure the appropriate registry key with the certificate thumbprint. See Set the Certificate Thumbprint in the Windows Registry.