Categories:
Android (13)
Apple Mac (27)
DH Keys (39)
DSA Keys (69)
EC Keys (577)
Firefox (31)
General (12)
Google Chrome (25)
Intermediate CA (152)
Java VM (33)
JDK Keytool (28)
Microsoft CertUtil (29)
Microsoft Edge (9)
Mozilla CertUtil (22)
OpenSSL (237)
Other (7)
Portecle (38)
Publishers (2704)
Revoked Certificates (30)
Root CA (89)
RSA Keys (2229)
Tools (46)
Tutorial (3)
What Is (22)
Windows (129)
Collections:
Other Resources:
Microsoft "certutil -verify first.crt" - Validate Certificate
How to validate a certificate saved in a certificate file with Microsoft "certutil" tool?
✍: FYIcenter.com
If you want to validate a certificate from a certificate file,
you can use the Microsoft "certutil -verify file_name" command
as shown in this tutorial:
C:\fyicenter>\windows\system32\certutil -verify first.crt Issuer: CN=GTE CyberTrust Global Root OU=GTE CyberTrust Solutions, Inc. O=GTE Corporation C=US Subject: CN=Microsoft Internet Authority Cert Serial Number: 07276202 dwFlags = CA_VERIFY_FLAGS_CONSOLE_TRACE (0x20000000) dwFlags = CA_VERIFY_FLAGS_DUMP_CHAIN (0x40000000) ChainFlags = CERT_CHAIN_REVOCATION_CHECK_CHAIN_EXCLUDE_ROOT (0x40000000) HCCE_LOCAL_MACHINE CERT_CHAIN_POLICY_BASE --------CERT_CHAIN_CONTEXT -------- ChainContext.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100) ChainContext.dwRevocationFreshnessTime: 3 Weeks, 2 Hours, 6 Minutes, 4 Seconds SimpleChain.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100) SimpleChain.dwRevocationFreshnessTime: 3 Weeks, 2 Hours, 6 Minutes, 4 Seconds CertContext[0][0]: dwInfoStatus=101 dwErrorStatus=0 Issuer: CN=GTE CyberTrust Global Root, OU="GTE CyberTrust Solutions, Inc.", O=GTE Corporation, C=US NotBefore: 4/14/2010 1:12 PM NotAfter: 4/14/2018 1:12 PM Subject: CN=Microsoft Internet Authority Serial: 07276202 e5 95 8d 48 fe 10 d7 34 03 11 e8 c0 3b b2 29 40 da ba 2d a3 Element.dwInfoStatus = CERT_TRUST_HAS_EXACT_MATCH_ISSUER (0x1) Element.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100) CRL 0213: Issuer: CN=GTE CyberTrust Global Root, OU="GTE CyberTrust Solutions, Inc.", O=GTE Corporation, C=US 2a 98 4c ec 59 ec 2f be 9b 8d eb 9c 0e 8c 63 f6 fa 01 ee 44 Application[0] = 1.3.6.1.5.5.7.3.4 Secure Email Application[1] = 1.3.6.1.5.5.7.3.2 Client Authentication Application[2] = 1.3.6.1.5.5.7.3.1 Server Authentication Application[3] = 1.3.6.1.5.5.7.3.3 Code Signing CertContext[0][1]: dwInfoStatus=10c dwErrorStatus=0 Issuer: CN=GTE CyberTrust Global Root, OU="GTE CyberTrust Solutions, Inc.", O=GTE Corporation, C=US NotBefore: 8/12/1998 7:29 PM NotAfter: 8/13/2018 6:59 PM Subject: CN=GTE CyberTrust Global Root, OU="GTE CyberTrust Solutions, Inc.", O=GTE Corporation, C=US Serial: 01a5 97 81 79 50 d8 1c 96 70 cc 34 d8 09 cf 79 44 31 36 7e f4 74 Element.dwInfoStatus = CERT_TRUST_HAS_NAME_MATCH_ISSUER (0x4) Element.dwInfoStatus = CERT_TRUST_IS_SELF_SIGNED (0x8) Element.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100) Application[0] = 1.3.6.1.5.5.7.3.4 Secure Email Application[1] = 1.3.6.1.5.5.7.3.2 Client Authentication Application[2] = 1.3.6.1.5.5.7.3.1 Server Authentication Application[3] = 1.3.6.1.5.5.7.3.3 Code Signing Exclude leaf cert: d3 94 64 a9 ca 95 17 61 c4 46 d8 df 96 c0 97 66 7c 06 f0 f5 Full chain: 71 07 1b 40 df dc 36 61 8c 82 3a 0d 2e fd c4 50 79 39 64 ea ------------------------------------ Verified Issuance Policies: All Verified Application Policies: 1.3.6.1.5.5.7.3.4 Secure Email 1.3.6.1.5.5.7.3.2 Client Authentication 1.3.6.1.5.5.7.3.1 Server Authentication 1.3.6.1.5.5.7.3.3 Code Signing Cert is a CA certificate Leaf certificate revocation check passed CertUtil: -verify command completed successfully.
As you can see from the output, the command works successfully:
⇒ Microsoft "certutil -verify" - Validate Expired Certificate
⇐ Microsoft "certutil -verify" Command Options
2013-03-04, 7189👍, 0💬
Popular Posts:
How does the OpenSSL verify operation work? What are the steps used by OpenSSL to verify a certifica...
How to see more security related information on a Web page in Google Chrome? To see more security re...
Certificate summary - Owner: Microsoft Secure Server Authority, Dredmond, Dcorp, Dmicrosoft, Dcom Is...
How to see the list of root CA certificates used by Firefox? To see the list of root CA (Certificate...
Certificate Summary: Subject: TC TrustCenter Class 2 CA II Issuer: TC TrustCenter Class 2 CA II Expi...