When you try to add a trust relationship in SharePoint 2010 using the Central Administration you might get an error.
The root certificate that was just selected is invalid. This may be because the selected certificate requires a password and we do not support certificates that require a password. Please select another certificate.
I was certain that the certificate was correct and should be accepted. I managed to import the certificate through PowerShell.
- Import the certificate into the Windows Certificate Store. Specifically the Personal store
- Start a SharePoint 2010 Management Shell session
- Locate the certificate in the Personal folder of the Windows Certificate Store and copy the Thumbprint
- Run the following commands:
$Cert = Get-Item("cert:\CurrentUser\My\" + "<thumbprint>".Replace(" ", "").ToUpper()) New-SPTrustedRootAuthority -Name "Token Signing Certificate" -Certificate $Cert
The certificate should now be imported and the trust should be visible in the Central Administration.