It was a nightmare, more than 8 hours working. It was a problem for several years, and now I found out a howto I hope to help someone else.
I'm not sure why Win10 has problems with certificates when user is logged in domain, but it was a problem to me EVERY SINGLE YEAR on SSL renew!
The PFX is easy to import on Firefox and works fine every single time, but in Chrome and Win10 no!!
So you must use CERTUTIL on Win CMD to diagnose and import certificate. Below is a howto in TXT
1 ) open CMD and run:
Certutil -store my
Find out your certificate (seach and take note of fingerprint) for info like
================ Certificado n ================
Número de Série: 50f6b16ab1c50e91
Emissor: CN=AC SAFEWEB RFB v5, OU=Secretaria da Receita Federal do Brasil - RFB, O=ICP-Brasil, C=BR
NotBefore: 10/11/2022 15:37
NotAfter: 10/11/2023 15:37
Requerente: CN=XXX
Certificado não raiz
Hash Cert(sha1): 391XXX...XXX79d22cbd
Contêiner da chave = XXXXX867a-3f5d
Nome de contêiner exclusivo: 3558b16e85bee484bf7e3ed7aa5c17c8_4a703830-462a-453c-a46f-a1fca6b84967
Provider = Microsoft Strong Cryptographic Provider
Êxito no teste de criptografia
CertUtil: -store : comando concluído com êxito.
The important is show SUCCESS on criptografy test
If have no success, remove from PERSONAL TAB all old version, old certificates and trash using CERTMGR aplication.
Now open ANOTHER CMD as ADMIN, e use CERTUTIL to import the new SSL cert using something like:
certutil -f -p PASSWORD -importpfx CERTIFICATE.PFX
Run again the command certutil -store my to verify SUCESS on criptografy
and if it's ok, close the ADMIN CMD
and now on USER CMD (a normal one!) run this command
certutil -viewstore my
It will start an app to show certificates, run down to choose your certificate and DO NOT PRESS OK button.
Choose the option to show details, it will show info and a button to INSTALL certificates.
(Yes I know, You already have it installed... but it do not work, believe me!)
Now choose to install TWICE (on LOCAL USER and MACHINE) allways on PERSONAL space
and try again the Chrome site verification !!