Collections:
Other Resources:
Microsoft "certutil -verify first.crt" - Validate Certificate
How to validate a certificate saved in a certificate file with Microsoft "certutil" tool?
✍: FYIcenter.com
If you want to validate a certificate from a certificate file, you can use the Microsoft "certutil -verify file_name" command as shown in this tutorial:
C:\fyicenter>\windows\system32\certutil -verify first.crt Issuer: CN=GTE CyberTrust Global Root OU=GTE CyberTrust Solutions, Inc. O=GTE Corporation C=US Subject: CN=Microsoft Internet Authority Cert Serial Number: 07276202 dwFlags = CA_VERIFY_FLAGS_CONSOLE_TRACE (0x20000000) dwFlags = CA_VERIFY_FLAGS_DUMP_CHAIN (0x40000000) ChainFlags = CERT_CHAIN_REVOCATION_CHECK_CHAIN_EXCLUDE_ROOT (0x40000000) HCCE_LOCAL_MACHINE CERT_CHAIN_POLICY_BASE --------CERT_CHAIN_CONTEXT -------- ChainContext.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100) ChainContext.dwRevocationFreshnessTime: 3 Weeks, 2 Hours, 6 Minutes, 4 Seconds SimpleChain.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100) SimpleChain.dwRevocationFreshnessTime: 3 Weeks, 2 Hours, 6 Minutes, 4 Seconds CertContext[0][0]: dwInfoStatus=101 dwErrorStatus=0 Issuer: CN=GTE CyberTrust Global Root, OU="GTE CyberTrust Solutions, Inc.", O=GTE Corporation, C=US NotBefore: 4/14/2010 1:12 PM NotAfter: 4/14/2018 1:12 PM Subject: CN=Microsoft Internet Authority Serial: 07276202 e5 95 8d 48 fe 10 d7 34 03 11 e8 c0 3b b2 29 40 da ba 2d a3 Element.dwInfoStatus = CERT_TRUST_HAS_EXACT_MATCH_ISSUER (0x1) Element.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100) CRL 0213: Issuer: CN=GTE CyberTrust Global Root, OU="GTE CyberTrust Solutions, Inc.", O=GTE Corporation, C=US 2a 98 4c ec 59 ec 2f be 9b 8d eb 9c 0e 8c 63 f6 fa 01 ee 44 Application[0] = 1.3.6.1.5.5.7.3.4 Secure Email Application[1] = 1.3.6.1.5.5.7.3.2 Client Authentication Application[2] = 1.3.6.1.5.5.7.3.1 Server Authentication Application[3] = 1.3.6.1.5.5.7.3.3 Code Signing CertContext[0][1]: dwInfoStatus=10c dwErrorStatus=0 Issuer: CN=GTE CyberTrust Global Root, OU="GTE CyberTrust Solutions, Inc.", O=GTE Corporation, C=US NotBefore: 8/12/1998 7:29 PM NotAfter: 8/13/2018 6:59 PM Subject: CN=GTE CyberTrust Global Root, OU="GTE CyberTrust Solutions, Inc.", O=GTE Corporation, C=US Serial: 01a5 97 81 79 50 d8 1c 96 70 cc 34 d8 09 cf 79 44 31 36 7e f4 74 Element.dwInfoStatus = CERT_TRUST_HAS_NAME_MATCH_ISSUER (0x4) Element.dwInfoStatus = CERT_TRUST_IS_SELF_SIGNED (0x8) Element.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100) Application[0] = 1.3.6.1.5.5.7.3.4 Secure Email Application[1] = 1.3.6.1.5.5.7.3.2 Client Authentication Application[2] = 1.3.6.1.5.5.7.3.1 Server Authentication Application[3] = 1.3.6.1.5.5.7.3.3 Code Signing Exclude leaf cert: d3 94 64 a9 ca 95 17 61 c4 46 d8 df 96 c0 97 66 7c 06 f0 f5 Full chain: 71 07 1b 40 df dc 36 61 8c 82 3a 0d 2e fd c4 50 79 39 64 ea ------------------------------------ Verified Issuance Policies: All Verified Application Policies: 1.3.6.1.5.5.7.3.4 Secure Email 1.3.6.1.5.5.7.3.2 Client Authentication 1.3.6.1.5.5.7.3.1 Server Authentication 1.3.6.1.5.5.7.3.3 Code Signing Cert is a CA certificate Leaf certificate revocation check passed CertUtil: -verify command completed successfully.
As you can see from the output, the command works successfully:
⇒ Microsoft "certutil -verify" - Validate Expired Certificate
⇐ Microsoft "certutil -verify" Command Options
2013-03-04, 12051🔥, 0💬
Popular Posts:
How to get a list of all certificates in "Third-Party Root Certification Authorities" certificate st...
How to generate a pair of RSA Private Key and Public Key? To help you to generate a pair of RSA Priv...
Certificate Summary: Subject: accounts.google.com Issuer: Google Internet Authority G2 Expiration: 2...
Certificate summary - Owner: www.godaddy.com, "GoDaddy.com, LLC", L=Scottsdale, ST=Arizona, US, SERI...
Certificate summary - Owner: skydrive.live.com Issuer: Microsoft Secure Server Authority, Dredmond, ...