I am a unix/linux guy. I have setup a server installation for our racked machines and our cloud VMs to configure sshd to trust signed user certificates, those signed by the trusted CA.
Everything is working fine using ssh-add and ssh-agent on linux and on macosx.
One guy has a windows client, using mobaxterm. From the documentation, it has some support for ssh-agent and pageant.
I can get a public key from him, and sign it just fine. But, where does the resulting certificate go?