Re: Import Sec Certificate using script

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

Hi,

Thanks for your reply.

I noticed that you have opened a new post in other newsgroup. So, I just
provide some information based on my further research here:

The -importcert switch seems to be not the best one for your needs, and you
may try the following method which I have tested on my own side and
everything works fine:

certutil-addstore [-f ] [-enterprise ] [-user ] [-gmt ] [-seconds ] [-v ]
[-dc DCName] CertificateStoreName InFile

Parameters
-addstore Adds a certificate to a certificate store.

-f Overwrites existing files or keys.

-enterprise Uses the local computer Enterprise registry certificate store.

-user Uses the HKEY_CURRENT_USER keys or certificate store.

-gmt Displays time as Greenwich mean time.

-seconds Displays time with seconds and milliseconds.

-v Specifies verbose output.

-dc DCName Targets a specific domain controller.

CertificateStoreName Specifies one of the following store names:

ca Specifies certificates in the Intermediate Certification Authorities
store.

my Specifies certificates issued to the current user.

root Specifies certificates in the Trusted Root Certification
Authorities store.

spc Specifies software publisher certificates.

UserCreatedStore Specifies the name of a user-created certificate store.

InFile Specifies the file name of the certificate or certificate
revocation list (CRL).

For example, you may use the following command to install an example.cer to
the Intermediate Certification Authorities store:

certutil -addstore ca c:\example.cer

Hope this helps.

Have a nice day!

Sincerely,
Tom Che
Microsoft Online Partner Support
Get Secure! - www.microsoft.com/security

=====================================================
When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.
=====================================================
This posting is provided "AS IS" with no warranties, and confers no rights.

--------------------
>Thread-Topic: Import Sec Certificate using script
>thread-index: AcXjcYTP2ncS+pjAREW75SYWnwUBEQ==
>X-WBNR-Posting-Host: 151.92.176.3
>From: "=?Utf-8?B?S2FuZ3Vyb3R0bw==?=" <Kangurotto@xxxxxxxxxxxxxxxxxxxxxxxxx>
>References: <ADC69CBF-FAB6-4760-BCAE-1BD65B8633F4@xxxxxxxxxxxxx>
<KbO5ZxS4FHA.3220@xxxxxxxxxxxxxxxxxxxxx>
<810362A2-3298-41EE-AABA-B21DFE8EB358@xxxxxxxxxxxxx>
<eK6iwrh4FHA.3976@xxxxxxxxxxxxxxxxxxxx>
>Subject: Re: Import Sec Certificate using script
>Date: Mon, 7 Nov 2005 00:01:54 -0800
>Lines: 40
>Message-ID: <B16F4F7D-1BE4-416E-8CFE-FAC9B029CEC1@xxxxxxxxxxxxx>
>MIME-Version: 1.0
>Content-Type: text/plain;
> charset="Utf-8"
>Content-Transfer-Encoding: 7bit
>X-Newsreader: Microsoft CDO for Windows 2000
>Content-Class: urn:content-classes:message
>Importance: normal
>Priority: normal
>X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.0
>Newsgroups: microsoft.public.windows.inetexplorer.ie6.browser
>NNTP-Posting-Host: TK2MSFTNGXA03.phx.gbl 10.40.2.250
>Path: TK2MSFTNGXA01.phx.gbl!TK2MSFTNGXA02.phx.gbl!TK2MSFTNGXA03.phx.gbl
>Xref: TK2MSFTNGXA01.phx.gbl
microsoft.public.windows.inetexplorer.ie6.browser:107979
>X-Tomcat-NG: microsoft.public.windows.inetexplorer.ie6.browser
>
>Like last answer (by Robert Aldwinckle) I have posted question about
>'CERTUTIL tool' command line in Windows2003 discussion group
>(windows.server.general). Thanks.
>
>"Robert Aldwinckle" wrote:
>
>> "Kangurotto" <Kangurotto@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
>> news:810362A2-3298-41EE-AABA-B21DFE8EB358@xxxxxxxxxxxxxxxx
>> > Hi,
>> > thanks for your answer, but I have a problem during the execution of
the
>> > CERTUTIL
>> > tool: the syntax that I used is: "certutil -v -importcert
>> > c:\FileName.Extension" (I've tried with '.cer' and '.p7b' file, that I
>> > exported from IE6), the error is: "CertUtil: The system cannot find
the file
>> > specified.". So, in your opinion, what is my problem?
>> > Thanks again.
>>
>>
>> Supposedly it creates or adds to a file called certutil.log
>> Try finding that file and looking in it for clues?
>>
>> Have you tried adding a -config parameter too?
>> The syntax indicates that that parameter is optional
>> but the description tends to indicate otherwise.
>> E.g. otherwise why have that bizarre syntax -config -
>> to indicate "default CA"?
>>
>>
>> BTW this seems off-topic for this newsgroup.
>> I suspect you could get more informed help in a newsgroup
>> which specializes in security for your server OS.
>>
>>
>> Good luck
>>
>> Robert Aldwinckle
>> ---
>>
>>
>>
>

.

Relevant Pages

  • Re: BLOG mutter mutter computerised MOT
    ... Simon Wilson wrote: ... If you look at your old certificate you will notice that it ... specifies the earliest date you can take it in for a retest. ... Dyna Tech Cro-Mo comp "When I feel fit enough' ...
    (uk.rec.motorcycles)
  • RE: Import Sec Certificate using script
    ... Thanks for posting here. ... Based on my research, if the 200+ clients use the same certificate, we can ... -importcert Imports a certificate file into the database. ... CertFile Specifies the certificate to import. ...
    (microsoft.public.windows.inetexplorer.ie6.browser)
  • RE: How to restore Cert Authority from old backup?
    ... Imports a certificate file into the database. ... Specifies the certificate to import. ... "alex" wrote: ...
    (microsoft.public.exchange2000.admin)
  • RE: How to restore Cert Authority from old backup?
    ... Imports a certificate file into the database. ... Specifies the certificate to import. ... "alex" wrote: ...
    (microsoft.public.windows.server.active_directory)
  • Re: Digitally Sign a Code Module
    ... Tools> Digital Signature> Choose, I don't have any certificates to select. ... I do have a certificate that would be appropriate for this function. ... are in the Personal certificate store. ... please post all follow-ups to the newsgroup so all may benefit. ...
    (microsoft.public.word.docmanagement)