MMC - Microsoft Management Console

The Microsoft Management Console (MMC) is a graphical user interface and serves for management of computers under Windows. The MMC contains the Program Snap-In that can be used to save and distribute certificates. For importing a certificate/private key pair into the Windows Cert store, both must be packed into a PKCS12 file.

In the Windows Certificate Store certificates for the local user and for the machine (local computer) are saved. The following figure shows the Windows Certificate Store. This is the machine (local computer) Store.
Figure 1. Windows Certificate Store

The local Computer certificates: Contains certificates of all users that log on to the computer.

Personal certificates: personal certificates contain certificates for users/PC. The associated private keys are saved in the user profile or on a smartcard/token. For WinCC OA also the PKCS file (the file with the public and private keys) is saved here. If the Windows Certificate Store is used for the encryption, the personal certificate for the WinCC OA system is specified via the config entry "winCert" - see the chapter Config Entries for MxProxy and HTTP Server.

Trusted Root Certification Authorities certificates: the certificates of trusted root certification authorities are saved here. If the Windows certificate store is used for the secure communication, the rootCA certificate for the WinCC OA system is specified via the config entry "WinRootCA" - see the chapter Config Entries for MxProxy and HTTP Server.