Enabling and Disabling Use of the Windows Certificate Store
Reflection Secure Shell and SSL/TLS sessions support the use of digital certificates for both host and user authentication. Reflection applications can be configured to authenticate using only those certificates located in Reflection store, or using both the Windows and the Reflection store.
Enabling use of the Windows certificate store means that you may not need to import the certificates used for host authentication. If your host certificates were acquired from a well-known Certification Authority (CA), such as VeriSign or Thawte, a certificate identifying the issuer as a trusted CA should already be included in the Trusted Root Certification Authorities list on your system. When use of the system store is enabled, Reflection clients look for certificates in both the Reflection and the system store.
Disabling use of the Windows certificate store enables you to have greater control over which certificates are used for authentication. Certificates can be added to the Windows store in a variety of ways, and you may not want to allow use of all of these certificates for authenticating Reflection sessions. When use of the Windows store is disabled, only those certificates you have imported into the Reflection store are used for host authentication.
To enable (or disable) host authentication using certificates in the Windows store:
Reflection uses personal certificates in the Windows store and the Reflection store in the same way. Available personal certificates include those in the Windows personal store, the Reflection personal store, and certificates on configured hardware tokens (for example smart cards).