List of Commands Supported in Microsoft CertUtil

Q

What commands are supported in Microsoft CertUtil?

✍: FYIcenter.com

A

Here is a complete list of commands supported in Microsoft CertUtil. You can get it using the "CertUtil -?" command:

C:\fyicenter>\windows\System32\certutil -?

Verbs:
 -dump          -- Dump configuration information or files
 -asn           -- Parse ASN.1 file
 -decodehex     -- Decode hexadecimal-encoded file
 -decode        -- Decode Base64-encoded file
 -encode        -- Encode file to Base64
 -deny          -- Deny pending request
 -resubmit      -- Resubmit pending request
 -setattributes -- Set attributes for pending request
 -setextension  -- Set extension for pending request
 -revoke        -- Revoke Certificate
 -isvalid       -- Display current certificate disposition
 -getconfig     -- Get default configuration string
 -ping          -- Ping Active Directory Certificate Services Request interface
 -pingadmin     -- Ping Active Directory Certificate Services Admin interface
 -CAInfo        -- Display CA Information
 -ca.cert       -- Retrieve the CA's certificate
 -ca.chain      -- Retrieve the CA's certificate chain
 -GetCRL        -- Get CRL
 -CRL           -- Publish new CRLs [or delta CRLs only]
 -shutdown      -- Shutdown Active Directory Certificate Services
 -installCert   -- Install Certification Authority certificate
 -renewCert     -- Renew Certification Authority certificate
 -schema        -- Dump Certificate Schema
 -view          -- Dump Certificate View
 -db            -- Dump Raw Database
 -deleterow     -- Delete server database row
 -backup        -- Backup Active Directory Certificate Services
 -backupDB      -- Backup Active Directory Certificate Services database
 -backupKey     -- Backup Active Directory Certificate Services certificate 
                   and private key
 -restore       -- Restore Active Directory Certificate Services
 -restoreDB     -- Restore Active Directory Certificate Services database
 -restoreKey    -- Restore Active Directory Certificate Services certificate 
                   and private key
 -importPFX     -- Import certificate and private key
 -dynamicfilelist -- Display dynamic file List
 -databaselocations -- Display database locations
 -hashfile      -- Generate and display cryptographic hash over a file
 -store         -- Dump certificate store
 -addstore      -- Add certificate to store
 -delstore      -- Delete certificate from store
 -verifystore   -- Verify certificate in store
 -repairstore   -- Repair key association or update certificate properties or 
                   key security descriptor
 -viewstore     -- Dump certificate store
 -viewdelstore  -- Delete certificate from store
 -dsPublish     -- Publish certificate or CRL to Active Directory
 -ADTemplate    -- Display AD templates
 -Template      -- Display Enrollment Policy templates
 -TemplateCAs   -- Display CAs for template
 -CATemplates   -- Display templates for CA
 -enrollmentServerURL -- Display, add or delete enrollment server URLs associated 
                   with a CA
 -ADCA          -- Display AD CAs
 -CA            -- Display Enrollment Policy CAs
 -Policy        -- Display Enrollment Policy
 -PolicyCache   -- Display or delete Enrollment Policy Cache entries
 -CredStore     -- Display, add or delete Credential Store entries
 -InstallDefaultTemplates -- Install default certificate templates
 -URLCache      -- Display or delete URL cache entries
 -pulse         -- Pulse autoenrollment events
 -MachineInfo   -- Display Active Directory machine object information
 -DCInfo        -- Display domain controller information
 -EntInfo       -- Display enterprise information
 -TCAInfo       -- Display CA information
 -SCInfo        -- Display smart card information
 -SCRoots       -- Manage smart card root certificates
 -verifykeys    -- Verify public/private key set
 -verify        -- Verify certificate, CRL or chain
 -sign          -- Re-sign CRL or certificate
 -vroot         -- Create/delete web virtual roots and file shares
 -vocsproot     -- Create/delete web virtual roots for OCSP web proxy
 -addEnrollmentServer -- Add an Enrollment Server application
 -deleteEnrollmentServer -- Delete an Enrollment Server application
 -oid           -- Display ObjectId or set display name
 -error         -- Display error code message text
 -getreg        -- Display registry value
 -setreg        -- Set registry value
 -delreg        -- Delete registry value
 -ImportKMS     -- Import user keys and certificates into server database for key 
                   archival
 -ImportCert    -- Import a certificate file into the database
 -GetKey        -- Retrieve archived private key recovery blob
 -RecoverKey    -- Recover archived private key
 -MergePFX      -- Merge PFX files
 -ConvertEPF    -- Convert PFX files to EPF file
 -?             -- Display this usage message

CertUtil -?          -- Display a verb list (command list)
CertUtil -dump -?    -- Display help text for the "dump" verb
CertUtil -v -?       -- Display all help text for all verbs

CertUtil: -? command completed successfully.

2013-02-25, 12935👍, 0💬