This is when you can’ get it to work, the below should work if followed step by step.
*If you are using Active Directory Certificate Services you can TRUST the AD without having to load this locally, this quick setup will work on load balanced BT servers, however this specific instace for TRUSTS is for local single machine installations.
*Check that the serial number in the PFX P12 (personal key ) DOES NOT start with a 00.
Create one user for the Inprocess and the isolated host adapters, add them to the Biztalk administrators group and local Administrator group.
For this example we will call it BTAS2User.
run -> MMC.exe as this user
File-> Add/Remove Snapin
and choose Certificates
Select the Local Computer account
Select Certificates and Click Add
Add the Van’s PUBLIC key (CER) and YOUR Private Key(PFX P12)
Add the Private Key to your private store (PFX, P12)
Open the Biztalk Administrator
Expand until you see the BIZTALK GROUP on the local machine [Right-Click] then select Properties
Add the new Private Key here. (PFX, P12)
You will see your personal certificates available here.
I am unsure if this is 100% needed, however we added them as well to both HOSTS
Select the HOSTS folder in teh biztalk administrator (next to the host instances folder)
Then one at a time select each and [Right-Click] -> Properties
Add the Certificates here.
It should work if you just restart the host instances, however I rebooted since it was a "pre-production" server .