Local Machine and Current User Certificate Stores
Each of the system certificate stores has the following types:
Local machine certificate store
This type of certificate store is local to the computer, global to all users on the computer, and is located under the
HKEY_LOCAL_MACHINEroot in the registry.Current user certificate store
This type of certificate store is local to a user account on the computer, and is located under the
HKEY_CURRENT_USERregistry root.
For specific registry locations of certificate stores, see System Store Locations.
All current user certificate stores except the Current User/Personal store inherit the contents of the local machine certificate stores. For example, if a certificate is added to the local machine Trusted Root Certification Authorities certificate store, all current user Trusted Root Certification Authorities certificate stores (with the above caveat) also contain the certificate.
Note
The driver signing verification during Plug and Play (PnP) installation requires that root and Authenticode certificates, including test certificates, are located in a local machine certificate store.
For more information about how to add or delete certificates from the system certificate stores, see CertMgr.
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for