Before you can use the certificate, you need to
manually add it to the Trusted Root Certification Authorities for the
computer account on any machine you would like to actually trust the
certificate. In this example you should do to that, at a minimum, on
the OWA and SharePoint server. If you have a client
machine from which you want to test the Office Web Apps, you also need
to do it there. These steps shouldn’t be done arbitrarily with random
certificates. Remember that this process is ultimately saying you
completely trust this certificate, which is OK because you created it.
The evil hackers of the world would love for you to do this with one of
their certificates, so always tread lightly when adding certificates.
The first step is to export the certificate from the OWA Personal store:
1. Still on the OWA server, open the MMC by using the Search charm (Windows key+F), typing mmc, and pressing Enter.
2. Click File. From the drop-down, click Add/Remove Snap-in. ...
3. Under Available snap-ins, select Certificates and click Add.
4. From the pop-up window, select Computer account and click Next.
5. Accept the default of Local computer on the next screen and click Finish.
6. Back at the Add or Remove Snap-ins screen, double-check yourself against Figure 2 and then click OK.
7. Expand Certificates (Local Computer).
8. Expand Personal. Under Personal, click Certificates.
9. When your newly created certificate appears, right-click on it and choose Export.... Figure 3 shows an example.
10. At the Welcome screen, click Next.
11. Select Yes, export the private key, and click Next.
12. For Export File Format, accept the defaults and click Next.
13. Select the box for Password:. Type the Password: and Confirm Password:. In this example use pass@word1, and click Next.
14. For File to Export click Browse. ...
15. Navigate to your Desktop, set the filename to OWA.pfx, and click Save; then click Next.
16. At the Completing screen, click Finish.
17. At the Successful screen, click OK.
