Client Certs and Windows Server 2008

I just spent a while tracking down a cert problem while migrating an app to IIS7 on Windows Server 2008.

This app taps into a web service using a client cert. I finally tracked the problem down to a permissions issue with the private key on the client certificate. On Server 2003 and earlier these permissions are managed with the winhttpcertcfg.exe tool, but that’s not available on Server 2008 (or at least not supported, as far as I can tell). Turns out it’s actually pretty simple, though. See screenshot below:

Windows Server 2008 Client Cert

Yeah…just a simple right-click on the cert in the certificates snap-in. Also, for getting SSL traces, this blog had a good system.diagnostics section:

The microsoft documentation, as usual, was lacking, and most of the examples I tried didn’t seem to actually output the trace to a file (at least not where I expected to find it).

keywords: server 2008 client cert certificate permissions winhttpcfg


Tides came up at work, and we were trying to figure out what the tide numbers were relative to. You would think this would have been easy…but it took a lot of searching to find.


Tides are given in feet above (sometimes below) chart datum. Chart datum is defined (in the United States) by Mean Lower Low Water (MLLW). MLLW is “The average of the lower low water height of each tidal day observed over the National Tidal Datum Epoch” ( Lower low water is the lower of the two low tides (or single low tide) in a day. The National Tidal Date Epoch is 19 years, and currently is the period from 1983-2001 ( I’m mainly posting this just to remind myself since I spent so much time figuring it out.