Troubleshooting Certificate Error while configuring Claims-Based Authentication

By | March 21, 2014

When we configure Claims-Based Authentication in Microsoft Dynamics CRM 2011 Deployment Manager, we may receive the following error.

The encryption certificate………does not exist in the local computer certificate store


You can use the following solution in order to resolve the above error.

  • Add a certificate in “Certificate (Local Computer) -> Personal -> Certificates” along with Trusted Root Certification Authorities.


  • Give at least read permissions to the account used for CRMAppPool application. If ADFS is running on another server, then verify whether the account used for the ADFSAppPool application pool has Read permissions.
  • While selecting the certificate from Claims-Based Authentication wizard, you will have an option to Install certificate.


            Install certificate in Personal as well as in Trusted Root Certification Authorities.

  • If you are attempting to renew the certificate and if both old and new certificate exist in Personal as well as in Trusted Root Certification Authorities location, then we may get the aforesaid error while configuring Claims-Based Authentication. Here, you can solve this by deleting the old certificate from both Personal as well as from Trusted Root Certification Authorities location; then configure the Claims-Based Authentication with new certificate. Otherwise, if you don’t want to delete the old certificate; you can tackle this error by removing the old certificate from only the Personal location.


Posted by: Inogic

For more information/discussions (documents, sample code snippets, detailed work flow or diagrams)

Please be free to visit the following links or email us:







Leave a Reply

Your email address will not be published. Required fields are marked *