Certificate Manager tool (certmgr.exe)

Source: Internet
Author: User
Tags sha1 hash

The Certificate Manager tool manages certificates, certificate trust lists (CTL), and Certificate Revocation Lists (CRL ).

 
Certmgr [/Add |/del |/put] [Options] [/s [/R registrylocation] [sourcestorename] [/s [/R registrylocation] [destinationstorename]

 

Parameters
Parameters Description

Sourcestorename

StorefileType or system storage area type input certificate storage area.

Destinationstorename

Output The certificate storage area or file.

Option Description

/Add

Add the certificate, CTL, and CRL to the certificate storage area.

/All

When/AddAdd all items when used together. When/DelDelete all items when used together. Without/AddOr/DeleteAll items are displayed./AllThe option cannot match/Put.

/C

When/AddAdd a certificate when used together. When/DelDelete the certificate when used together. When/PutSave the certificate. Without/Add,/DeleteOr/PutThe certificate is displayed.

/CRL

Add or delete CRl. Without/Add,/DeleteOr/PutOption displays CRl.

/CTL

Add or delete CTL. Without/Add,/DeleteOr/PutShow CTL when using the options.

/Delete

Deletes the certificate, CTL, and CRL from the specified certificate store.

/E Encodingtype

Specifies the certificate encoding type.

/F Dwflags

Specifies the storage area opening flag. This is passedCertopenstoreOfDwflagsParameters. The default value is cert_system_store_current_user. Only when used/YOption.

/H[ELP]

Displays the command syntax and options of the tool.

/N CommonName string

Specifies the public name of the certificate to be added, deleted, or saved. This option can only be used for certificates and cannot be used for CTL or CRl.

/Put

Save the X.509 Certificate, CTL, or CRL in the certificate store to a file. The file will be saved in X.509 format./7Options can be/PutOption to save the file in PKCS #7 format./PutThe options must be followed/C,/CTLOr/CRL./AllThe option cannot match/Put.

/R Registry location

The Registry location of the system storage area. Only when/SOption.Registry locationMust be one of the following values:

  • CurrentuserIndicates that the certificate store is in the HKEY_CURRENT_USER key. This is the default value.

  • LocalmachineIndicates that the certificate store is in the HKEY_LOCAL_MACHINE key.

/S

Indicates that the certificate store is a system store. If this option is not specified, the bucket isStorefile.

/Sha1 Sha1hash

Specifies the sha1 hash of the certificate, CTL, or CRL to be added, deleted, or saved.

/V

Specify the verbose mode. Displays details about the certificate, CTL, and CRL. This option cannot match/Add,/DeleteOr/PutOption.

/Y Storeprovidertype

Provided by the specified storage areaProgramType.

/7

Save the target bucket as a PKCS #7 object.

/?

Displays the command syntax and options of the tool.

Remarks

Certmgr.exe performs the following basic functions:

    • Display certificates, CTL, and CRL on the console.

    • Add the certificate, CTL, and CRL to the certificate storage area.

    • Delete certificates, CTL, and CRL from the certificate store.

    • Save the X.509 Certificate, CTL, or CRL in the certificate store to a file.

Certmgr.exe uses two types of certificate storage areas:StorefileAnd system storage area. It does not necessarily mean that the certificate certmgr.exe in the storage area can identify the storage area type and perform appropriate operations.

If you do not specify any options when running certmgr.exe, a GUI is started to help you execute certificate management tasks that can be accessed through command lines. The GUI provides an import wizard that copies certificates, CTL, and CRL from the disk to the certificate store.

For more information about certificates, see the "about CryptoAPI" section in the Microsoft platform SDK documentation.

Example

The following command displaysMyThe default system storage area that contains detailed output.

 
Certmgr/v/s my

The following command is namedMyfile. extTo add all certificates in the file namedNewfile. ext.

 
Certmgr/Add/All/C myfile. Ext newfile. ext

The following command willMyThe system storage area has a public nameMycertTo a certificate namedNewcert. Cer.

 
Certmgr/Add/C/N mycert/s my newcert. Cer

Delete the following commandMyAll the ctl in the system storage area, and save the result storage area toNewstore. Str.

 
Certmgr/del/All/CTL/s my newstore. Str

The following command willMyA certificate in the system storage area is stored in a fileNewfile. You will be prompted to enterMyTo be placed inNewfileThe certificate number in.

 
Certmgr/Put/C/S my newfile

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.