Identify where the store is being opened (likely using CertOpenStore with API flags).

Adjust it to explicitly specify CERT_SYSTEM_STORE_LOCAL_MACHINE instead of CURRENT_USER.

Recompile xmlsec to restore the older behavior.