If you start the "certmgr.msc" Management Console on your Windows system,
you probably will see this list of certificate stores:
- Personal - Contains certificates associated with private keys
to which you have access. These are the certificates that have been
issued to you, or to the computer or service for which you?re managing certificates.
You can use your personal certificate to sign outgoing emails or log into Web sites.
- Trusted Root Certification Authorities -
Contains implicitly trusted CAs (Certificate Authorities).
Includes all of the certificates in the Third-Party Root CAs store
plus root certificates from your organization and Microsoft.
- Enterprise Trust - Contains CTLs (Certificate Trust Lists).
A certificate trust list provides a mechanism for trusting self-signed
root certificates from other organizations and limiting the purposes
for which these certificates are trusted.
- Intermediate Certification Authorities -
Certificates issued to subordinate CAs.
- Active Directory User Object - Contains certificates associated with your user object
and published in Active Directory.
- Trusted Publishers - Certificates from CAs that are trusted
by Software Restriction policies.
- Untrusted Certificates - Contains certificates that have been revoked by the issuer.
- Third-Party Root Certification Authorities - Contains trusted root certificates
from CAs other than Microsoft and your organization.
- Trusted People - Contains certificates issued to people or end entities
that are explicitly trusted. Most often these are self-signed certificates
or certificates explicitly trusted in an application such as Microsoft Outlook.
- Other People - Contains certificates issued to people or end entities
that are implicitly trusted.
These certificates must be part of a trusted certification hierarchy.
Most often these are cached certificates for services like Encrypting File System (EFS),
where certificates are used for creating authorization for decrypting an encrypted file.
- Certificate Enrollment Requests - Contains pending or rejected certificate requests.
⇒ certmgr.msc - Export Certificate List on Windows
⇐ Start "certmgr.msc" on Windows
⇑ Certificate Manager Console "certmgr.msc" on Windows
⇑⇑ Windows Certificates Tutorials