All Questions
14
questions
2
votes
2
answers
2k
views
How to automatically compare current windows root certificate store against latest root certificates?
I do have a provider that complains the trusted root certificates on our several windows server systems (2008, 2012, 2016, 2019) are outdated.
I was not able to prove the opposite. For sure "Turn ...
0
votes
1
answer
406
views
Generated SSL certificate doesn't work in Personal > Certificates, only if it's also in Trusted Root Certificate Authorities > Certificates
I'm trying to install an SSL certificate automatically with certutil, and I've done this successfully with the following command:
certutil -addstore -user -f "My" "$CERT_FILE_CERT"
...
3
votes
1
answer
7k
views
Using CertUtil MergePfx with password as a parameter
I'm trying to script generation of a single pfx certificate, from one key and one pem file. The following command in Powershell will generate a .pfx as expected:
CertUtil -MergePFX $srcPemPath $...
1
vote
1
answer
1k
views
How to use certutil.exe -MergePFX without a password?
I'm automating a process and have that constraint that I can only use Windows Server (2012 is the base, but I'm not sure if a 2008 will show up somewhere) native tools. I need to get a key pair (...
3
votes
1
answer
12k
views
Import certificate to Trusted Root Authorities for the Current User, with command line
I know how to import certificates to trusted root authorities with certutil
certutil -addstore "Root" <cert_path>
But for this I need administrator permissions. Though when I double ...
0
votes
1
answer
2k
views
Windows validate checksum
I am trying to validate the checksum for a Windows Citrix executable.
The checksum that is provided is 64 char long.
I have found instructions to validate a checksum by running this in PowerShell:
...
0
votes
1
answer
1k
views
Disabling Certutil
I am wondering what are the consequences of disabling certutil.exe on windows systems.
It seems that this option isn't event considered in the documentation or forums.
Can someone please elaborate ...
3
votes
2
answers
6k
views
get the hash of a string and eventually compare it to a hash
I want to run a one-liner to enable me to get the hash of a string and eventually compare it to a hash I can just copy at the end of the command later. I'm confident I can figure out how to do the ...
2
votes
1
answer
843
views
CertUtil: ERROR_INVALID_ACL (0x80070538) exception when trying to install root certificate on Windows
I have a program that installs a certificate to Trusted Root (with user's consent). However, some of the users are unable to use my software due to an exception that occures whenever a command to add ...
3
votes
1
answer
5k
views
Is it possible to encode a file with certutil without creating new file?
I'm encoding files with following command:
certutil -encode inputFileName encodedOutputFileName
However, this creates a new file on the system. Is it possible to print encoded data on command line ...
2
votes
1
answer
3k
views
Availbility of certutil on different Windows versions
I am a bit confused about certutil.exe. I have read the information in the link Server 2012/Windows 8 certutil documentation:
Certutil.exe is a command-line program that is installed as part of ...
3
votes
2
answers
14k
views
How to install CertUtil to Windows 7?
It seems that my version of Windows 7 (SP1, with PowerShell 4) lacks the certutil command. I tried to look for a way to add it manually but failed.
Any ideas on how to do it?
UPDATE
Thanks to comments,...
2
votes
0
answers
6k
views
certmgr.exe does not work expectedly in command line mode?
I'm trying to run the MSDN's sample about WCF basic message security using Certificate. In the setup.bat file, there is this line of command:
certmgr.exe -add -r LocalMachine -s My -c -n %SERVER_NAME%...
0
votes
1
answer
3k
views
How to extract "Issued To" with "certutil -store -my"?
I am trying to script a report on certificate usage for a specific app, and those certs are all part of the output of "certutil -store -my" (Web Server 2008 R2).
However the "issued-to" field is not ...