Microsoft "certutil -addstore -f -user publisher ..."

Microsoft "certutil -addstore -f -user publisher ..." - Create a Store

Q

How to import a certificate from a certificate file into a new certificate store with Microsoft "certutil" tool?

✍: FYIcenter.com

A

If you want to import a certificate from a certificate file into a new certificate store, you can use the Microsoft "certutil -addstore -f storename file_name" command as shown in this tutorial:

C:\fyicenter>\windows\system32\certutil -addstore -user publisher facebook.pem
publisher
Cannot open existing Cert store.  Use -f switch to force Cert store creation.
CertUtil: -addstore command FAILED: 0x80070002 (WIN32: 2)
CertUtil: The system cannot find the file specified.

C:\fyicenter>\windows\system32\certutil -addstore -f -user publisher facebook.pem
publisher
Certificate "CN=*.facebook.com, O="Facebook, Inc.", L=Palo Alto, S=California, C
=US" added to store.
CertUtil: -addstore command completed successfully.

C:\fyicenter>\windows\system32\certutil -store -user publisher
publisher
================ Certificate 0 ================
Serial Number: 017f77deb3bcbb235d44ccc7dba62e72
Issuer: OU=www.verisign.com/CPS Incorp.by Ref. LIABILITY LTD.(c)97 VeriSign,
OU=VeriSign International Server CA - Class 3, OU=VeriSign, Inc.,
O=VeriSign Trust Network
 NotBefore: 6/20/2012 7:00 PM
 NotAfter: 12/31/2013 6:59 PM
Subject: CN=*.facebook.com, O=Facebook, Inc., L=Palo Alto, S=California, C=US
Non-root Certificate
Template:
Cert Hash(sha1): f5 6b f2 44 63 b0 bd 61 36 c5 e8 72 34 6b 32 04 28 ff 4d 7c
No key provider information
Cannot find the certificate and private key for decryption.
CertUtil: -store command completed successfully.

As you can see from the output, the command works successfully:

The first test without using "-f" option failed, because "publisher" is a new certificate.
"-addstore" option indicates the specified certificate file to be added to a certificate store.
"-f" option indicates a new certifcate store is to be created, if the speficified store doesn't exist.
"-user my" option specifies "my" certificate store in the "Current User" store location to be used.
"facebook.pem" option specifies the certificate file that contains the certificate to be imported.

⇒ Microsoft "certutil -delstore" Command Options

⇐ Microsoft "certutil -addstore -user my ..." - Import Certificate

⇑ Microsoft "certutil" Commands on Certificate Stores

⇑⇑ Microsoft "certutil" - Certificate Management Tool

2013-03-05, 24816👍, 0💬

💬 2016-01-29 FYIcenter.com: @D Keetch, yes, we can provide more examples. But do you have a specific use case that needs some help?

💬 2016-01-25 D Keetch: one example is not enough to illustrate the usage

Microsoft "certutil -encode..." - Converte DER file to PEM
How to convert a certificate file in DER (Distinguished Encoding Rules) format to PEM (Privacy Enhanced Mail) format? I know that PEM file format uses printable characters only and is safe to be included emails. If you want to convert a certificate from DER format to PEM format, you can use the Micr... 2020-01-12, 37268👍, 1💬

💬 2020-01-12 Y: Thank you!!!!

Microsoft "certutil -delstore" Command Options
How can I use Microsoft "certutil -delstore" command? What are command options supported by "certutil -delstore"? The document says "Delete certificate from store". Microsoft "certutil -delstore" command can be used to delete a certificate from a certificate store on the local computer. Here are opt... 2013-03-05, 26121👍, 0💬

Microsoft "certutil -addstore -f -user publisher ..." - Create a Store
How to import a certificate from a certificate file into a new certificate store with Microsoft "certutil" tool? If you want to import a certificate from a certificate file into a new certificate store, you can use the Microsoft "certutil -addstore -f storename file_name" command as shown in this tu... 2013-03-05, 24817👍, 0💬

Microsoft "certutil -addstore -user my ..." - Import Certificate
How to import a certificate from a certificate file into a certificate store with Microsoft "certutil" tool? If you want to import a certificate from a certificate file into a certificate store, you can use the Microsoft "certutil -addstore storename file_name" command as shown in this tutorial: C:\... 2013-03-01, 15504👍, 0💬

Microsoft "certutil -encode" Command Options
How can I use Microsoft "certutil -encode" command? What are command options supported by "certutil -encode"? The document says "Encode file to Base64". Microsoft "certutil -encode" command can be used to convert a certificate file from binary format to Base64 (PEM - Privacy Enhanced Mail) format. H... 2013-03-06, 14436👍, 0💬

Microsoft "certutil -addstore" Command Options
How can I use Microsoft "certutil -addstore" command? What are command options supported by "certutil -addstore"? The document says "Add certificate to store". Microsoft "certutil -addstore" command can be used to add, or import, certificate from a specified certificate file to a certificate store o... 2013-03-01, 13248👍, 0💬

Microsoft "certutil -verify" - Validate Expired Certificate
Can Microsoft "certutil" tool validates an expired certificates and reports the expired status? Yes. If you validate an expired certificate with the Microsoft "certutil -verify file_name" command, you will see an expired certificate report as shown in this tutorial: C:\fyicenter>\windows\s yst... 2013-02-28, 12554👍, 0💬

Download facebook.com Certificate for Microsoft "certutil" Test
How to download the server certificate from Facebook.com Web site? I want to have a new certificate to play with Microsoft "certutil" commands. The easiest way to download the server certificate from Web site is to visit the Web site with Firefox and use Firefox function to view and save the server ... 2017-04-05, 12386👍, 1💬

💬 2014-05-14 prosper: thank you

Microsoft "certutil -verify first.crt" - Validate Certificate
How to validate a certificate saved in a certificate file with Microsoft "certutil" tool? If you want to validate a certificate from a certificate file, you can use the Microsoft "certutil -verify file_name" command as shown in this tutorial: C:\fyicenter>\windows\s ystem32\certutil-verify fi... 2013-03-04, 7626👍, 0💬

All rights in the contents of this web site are reserved by the individual author. fyicenter.com does not guarantee the truthfulness, accuracy, or reliability of any contents.