Wrong MSO/Security Officer Password

  • Article ID: 114274
  • Rating:
  • 3 customers rated this article 1.0 out of 6
  • Updated: 30 Nov 2011


Customer is shown the following error after entering their password to log into the Management Centre/Policy Editor:

First seen in

SafeGuard Management Center / Local Policy Editor
SafeGuard Easy


Every windows user has their own personal certificate store that lives within their user profile. This store is protected by an RSA private key (your certificate store password generally, unless you use tokens). This store is individual to each user on the machine.

This certificate store is used as a container for any security officer certificates that you may have in your possession. These certificates must be imported into your certificate store in order for them to be used.

Each security officer certificate also has a private key, this is created when the certificate is created (this is usually done during the creation of the security officer itself within the management centre).

In order to import a security officer certificate into your personal certificate you need to know two things, firstly, the certificate store password to open the store itself. Secondly, you will need to know the private key for the security officer certificate that you are importing.

The best way to think of this is the concept that everyone has their own personal “locked box”, you can only open this box by knowing the password. If you want to put a certificate in this box, you need to know the password to open it in the first place, but you must also prove that you are authorised to put that certificate in there by knowing the private key that was created at the same time as the certificate.

When logging on to the management centre, the program just checks to see if you have the correct officer certificate in your personal certificate store and the corresponding private key for that certificate. To do this, all you need to supply is the certificate store password so that the management centre can look inside the “locked box” that is your personal store. If you have the correct officer certificate, and the private key, no further passwords are required.

What To Do

  1. Click OK to the dialog
  2. Open SafeGuard(R) Certificate Manager
    Start | All Programs | Sophos | SafeGuard | SafeGuard(R) Certificate Manager
  3. Click on the button highlighted below:

  4. Type in the new password and then retype the new password before clicking OK

  5. You will then be presented with the following dialog once the password has been changed successfully, all previous certificates in the certificate store will be removed:

  6. Re-open the management centre and type in your new password
  7. You will be presented with the following request:

  8. Click on yes and locate the certificate for the officer.
  9. You will be required to enter the password for the certificate in order to import this into your certificate store:

  10. Once imported you will be required to re-enter your certificate store password in order to log back into the Management Centre/Policy Editor

N.B If you have also forgotten the password for the security officers certificate you will need to contact your MSO in order for them to create you a new certificate. If the password for the MSO certificate has been forgotten then you will not be able to recover the login.

If you need more information or guidance, then please contact technical support.

Rate this article

Very poor Excellent