You can view and inspect certificates based on what they are intended to be used for, such as client authentication or key recovery, rather than on their logical roles.

Users or local Administrators is the minimum group membership required to complete this procedure. Review the details in "Additional considerations" in this topic.

To display certificates by certificate purpose
  1. Open the Certificates snap-in for a user, computer, or service.

  2. In the console tree, click Certificates - Current User , Certificates (Local Computer), or Certificates - Service.

  3. On the View menu, click Options.

  4. Under Organize view mode by, click Certificate purpose, and then click OK. The Intended Purposes column heading will appear in the details pane.

Additional considerations

Additional references