Categories:
Android (13)
Apple Mac (27)
DH Keys (39)
DSA Keys (70)
EC Keys (914)
Firefox (30)
General (10)
Google Chrome (25)
Intermediate CA (152)
Java VM (29)
JDK Keytool (28)
Microsoft CertUtil (29)
Microsoft Edge (9)
Mozilla CertUtil (21)
OpenSSL (236)
Other (7)
Portecle (38)
Publishers (3178)
Revoked Certificates (16)
Root CA (85)
RSA Keys (2554)
Tools (46)
Tutorial (1)
What Is (22)
Windows (127)
Collections:
Other Resources:
Microsoft "certutil -verify first.crt" - Validate Certificate
How to validate a certificate saved in a certificate file with Microsoft "certutil" tool?
✍: FYIcenter.com
If you want to validate a certificate from a certificate file,
you can use the Microsoft "certutil -verify file_name" command
as shown in this tutorial:
C:\fyicenter>\windows\system32\certutil -verify first.crt Issuer: CN=GTE CyberTrust Global Root OU=GTE CyberTrust Solutions, Inc. O=GTE Corporation C=US Subject: CN=Microsoft Internet Authority Cert Serial Number: 07276202 dwFlags = CA_VERIFY_FLAGS_CONSOLE_TRACE (0x20000000) dwFlags = CA_VERIFY_FLAGS_DUMP_CHAIN (0x40000000) ChainFlags = CERT_CHAIN_REVOCATION_CHECK_CHAIN_EXCLUDE_ROOT (0x40000000) HCCE_LOCAL_MACHINE CERT_CHAIN_POLICY_BASE --------CERT_CHAIN_CONTEXT -------- ChainContext.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100) ChainContext.dwRevocationFreshnessTime: 3 Weeks, 2 Hours, 6 Minutes, 4 Seconds SimpleChain.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100) SimpleChain.dwRevocationFreshnessTime: 3 Weeks, 2 Hours, 6 Minutes, 4 Seconds CertContext[0][0]: dwInfoStatus=101 dwErrorStatus=0 Issuer: CN=GTE CyberTrust Global Root, OU="GTE CyberTrust Solutions, Inc.", O=GTE Corporation, C=US NotBefore: 4/14/2010 1:12 PM NotAfter: 4/14/2018 1:12 PM Subject: CN=Microsoft Internet Authority Serial: 07276202 e5 95 8d 48 fe 10 d7 34 03 11 e8 c0 3b b2 29 40 da ba 2d a3 Element.dwInfoStatus = CERT_TRUST_HAS_EXACT_MATCH_ISSUER (0x1) Element.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100) CRL 0213: Issuer: CN=GTE CyberTrust Global Root, OU="GTE CyberTrust Solutions, Inc.", O=GTE Corporation, C=US 2a 98 4c ec 59 ec 2f be 9b 8d eb 9c 0e 8c 63 f6 fa 01 ee 44 Application[0] = 1.3.6.1.5.5.7.3.4 Secure Email Application[1] = 1.3.6.1.5.5.7.3.2 Client Authentication Application[2] = 1.3.6.1.5.5.7.3.1 Server Authentication Application[3] = 1.3.6.1.5.5.7.3.3 Code Signing CertContext[0][1]: dwInfoStatus=10c dwErrorStatus=0 Issuer: CN=GTE CyberTrust Global Root, OU="GTE CyberTrust Solutions, Inc.", O=GTE Corporation, C=US NotBefore: 8/12/1998 7:29 PM NotAfter: 8/13/2018 6:59 PM Subject: CN=GTE CyberTrust Global Root, OU="GTE CyberTrust Solutions, Inc.", O=GTE Corporation, C=US Serial: 01a5 97 81 79 50 d8 1c 96 70 cc 34 d8 09 cf 79 44 31 36 7e f4 74 Element.dwInfoStatus = CERT_TRUST_HAS_NAME_MATCH_ISSUER (0x4) Element.dwInfoStatus = CERT_TRUST_IS_SELF_SIGNED (0x8) Element.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100) Application[0] = 1.3.6.1.5.5.7.3.4 Secure Email Application[1] = 1.3.6.1.5.5.7.3.2 Client Authentication Application[2] = 1.3.6.1.5.5.7.3.1 Server Authentication Application[3] = 1.3.6.1.5.5.7.3.3 Code Signing Exclude leaf cert: d3 94 64 a9 ca 95 17 61 c4 46 d8 df 96 c0 97 66 7c 06 f0 f5 Full chain: 71 07 1b 40 df dc 36 61 8c 82 3a 0d 2e fd c4 50 79 39 64 ea ------------------------------------ Verified Issuance Policies: All Verified Application Policies: 1.3.6.1.5.5.7.3.4 Secure Email 1.3.6.1.5.5.7.3.2 Client Authentication 1.3.6.1.5.5.7.3.1 Server Authentication 1.3.6.1.5.5.7.3.3 Code Signing Cert is a CA certificate Leaf certificate revocation check passed CertUtil: -verify command completed successfully.
As you can see from the output, the command works successfully:
⇒ Microsoft "certutil -verify" - Validate Expired Certificate
⇐ Microsoft "certutil -verify" Command Options
2013-03-04, 8445👍, 0💬
Popular Posts:
How to read the connection information on the page properties screen in IE? What is the meaning of "...
Certificate Summary: Subject: www.amazon.cn Issuer: VeriSign Class 3 Secure Server CA - G3 Expiratio...
How to use the "keytool -exportcert" command? I want to export a certificate out of a keystore file ...
How to create a test certificate for myself and put it into "My - Personal" system certificate store...
Where to find tutorials on Java Control Panel on Mac computers? Here is a collection of tutorials co...