Stack Overflow
Stack Overflow

Questions tagged [certutil]

Windows command for managing Certificate Services.

Certutil.exe is a command-line program that is installed as part of Certificate Services. You can use Certutil.exe to dump and display certification authority (CA) configuration information, configure Certificate Services, backup and restore CA components, and verify certificates, key pairs, and certificate chains. When certutil is run on a certification authority without additional parameters, it displays the current certification authority configuration. When cerutil is run on a non-certification authority, the command defaults to running the certutil -dump verb.

Useful links:

  1. CERTUTIL on technet.
  2. CERTUTIL on SS64 help pages.
99 questions
3
votes
3 answers

CertUtil Import pfx failed: NTE_NOT_SUPPORTED

I am attempting to set the KeySpec flag on an existing certificate for use in a SQL server encryption role. Current KeySpec is 0, and I need it to be a 1. The way to do this is by first exporting the cert, its private key, and key usages into a…
The ITea Guy
  • 225
  • 1
  • 3
  • 8
3
votes
1 answer

Add certificate to Trusted Publisher programmatically

I have a usb driver which is signed. I also have the certificate provided by the publisher. If I try to install the driver with pnputil pnputil /add-driver CerttName.cer /install I'm asked if I want to add the publisher to Trusted Publishers. To…
user2250152
  • 14,658
  • 4
  • 33
  • 57
3
votes
1 answer

Windows Batch file - Format CertUtil output and filename and size in single line

My requirement is to create an output file with the following format: Filename,file size,checksum An example would be abc.tar,1024 Bytes,052107adc8c42d6cf581bf81225ae6de Code setlocal enabledelayedexpansion set…
BPrasad
  • 33
  • 3
3
votes
1 answer

Build Mozilla NSS statically linked

Has anyone been able to build NSS statically linked? I actually only need to build certutil and pk12util statically linked. I've seen that Chromium is building NSS statically, and they even have a patch file, but the whole build process is quite…
Mike
  • 609
  • 12
  • 36
3
votes
1 answer

Certutil -restrict Error The system cannot find the file specified

I am trying to get the certificates which are valid within the given date range:- certutil –view –restrict "NotAfter<=July 31,2013 08:00AM,NotAfter>=July 20,2013 08:00AM" –out "RequestID,RequesterName" Reference :-…
Ashish Gupta
  • 14,869
  • 20
  • 75
  • 134
2
votes
0 answers

SSL certutil Trusted Peer vs Trusted CA -t switch difference

I see two common patterns of using -t switch argument for the certutil tool certutil ... -t "CT,c,c" and certutil ... -t "P,," when taking care of self-signed SSL certificates for web servers. Can anyone explain the difference between them and…
Jimmix
  • 5,644
  • 6
  • 44
  • 71
2
votes
1 answer

Importing .cer certificate from cmd

Importing a .cer certificate with certutil utility can't manage to match it with its private key although the certificate signing request was created on the same machine. I'm using certreq to generate the .csr file used for getting this certificate…
Mihai
  • 371
  • 3
  • 14
2
votes
1 answer

certutil 403 errors when verifying SSL certificate with certutil

I'm using certutil to debug certificate issues. On all of our servers except one I can use the following command to succesfully check any certificate: certutil.exe -f -urlfetch -verifiy certificatefilename.cert On one of our servers this command…
Robert Wagenaar
  • 179
  • 11
2
votes
2 answers

Compare files from two folders using HASH SHA1 in BATCH

I have this batch code but it is wrong, what I need is to see on screen the name of the files in folder2 that are not in folder1 comparing them with your HASH SHA1. Temporary files are in the same directory. I appreciate your comments @echo off cd…
Danielle
  • 89
  • 3
  • 9
1
vote
1 answer

How to iterate through FOR IN outputs with IF statements in Windows Batch?

I have a directory of files, a HashControlFile.txt which contains the SHA256 sum calculated from the files in the directory, and a need to iterate through these files in a way that calculates and formats the output from the CertUtil utility in…
SomekindaRazzmatazz
  • 79
  • 8
1
vote
1 answer

Understanding elasticsearch certificate

I saw there are two type of certificate which is elastic-stack-ca.p12 and elastic-certificates.p12. What are the differences between these two…
brita
  • 81
  • 1
  • 1
  • 6
1
vote
1 answer

Replicating Certutil.exe's -decodehex output exactly

I have done a ton more research since I first posted this question and I think I had a few terms goofed up as well. Dilemma: My company's Information Security team has flagged certutil.exe as a potentially dangerous application to be used after a…
k1dfr0std
  • 379
  • 1
  • 15
1
vote
0 answers

Is SHA-512 in "certutil" case insensitive?

I downloaded a file and used certutil to verify the integrity of a file I downloaded (command attached below). The uploader provided a SHA-512 hash with all letters capitalized, while certutil provided a hash with all letters in lowercase. Is…
myles_uy
  • 11
  • 5
1
vote
1 answer

Saving to file of same name as given path with different extension

What I wanna do: design a command for the Windows Powershell that lets a user input a path to a file they want to have the checksum of as well as their preferred checksum algorithm. The result should then be saved in a file of the same name as that…
Smogshaik
  • 180
  • 2
  • 13
1
vote
1 answer

BATCH - Write a specific line of command output as a variable without temp files?

The code of certutil-hash.cmd: @echo off certutil -hashfile "%~dpnx0" md5 pause>nul I want to save the whole second line with the hash value in a variable. CMD-Output: MD5 hash from…
ZerTerO
  • 13
  • 3
1
2
3 4 5 6 7