Browse By Category

Free Power Tools Brochure
Get Mark Minasi's
17-page guide today!

First Name *

Last Name *

Email Address *

* I agree to this site's
terms of use & privacy statement.

Get Newsletters

Get the Latest News
Product Updates
Helpful Tricks
Productivity Tips

JSI Tip 9527. How can I add a certificate to the Trusted Root Certification Authorities in LocalMachine from the command-line?

Rating:

(1)

Jerold Schulman

Windows IT Pro

InstantDoc ID #83974

To add a certificate to the Trusted Root Certification Authorities in LocalMachine from the command-line, you must:

1. Download the codesigningx86.exe package from the Microsoft Download Center.

2. Right-click codesigningx86.exe and extract the files.

3. Copy the CertMgr.exe program to a location in your path.

Once CertMgr.exe is available:

1. Open CMD.EXE window.

2. Type the following command and press Enter:

certmgr.exe -add -c "<cert-file>" -s -r localMachine root

Where <cert-file> is the fully qualified path to the certificate file.

When you type CertMgr.exe /?, you see:

Usage: CertMgr [options][-s [-r ][SourceStoreName]
                        [-s [-r ][DestinationStoreName]
Options:
 -add               Add certificates/CRLs/CTLs to a storeFile or a system store
 -del               Delete certificates/CRLs/CTLs from a storeFile or
                    a system store
 -put               Put an encoded certificate/CRL/CTL from a storeFile or
                    a system store to a file.  The file will be saved in X.509
                    format. -7 can be used to save the file in PKCS#7 format
 -s                 Indicate the store is a system store
 -r       The system store location
                         Default to 'currentUser'
 -c                 Certificates in the store
 -crl               Certificates revocation lists(CRLs) in the store
 -ctl               Certificates trust lists(CTLs) in the store
 -v                 Verbose display of the certificates/CRLs/CTLs
 -all               All certificates/CRLs/CTLs in the store
 -n           Common name of the certificate
 -sha1  The sha1 hash of the certificate/CRLs/CTLs
 -7                 Save the destination store in PKCS# 7 format
 -e         Certificate/CRL/CTL encoding type.
                    Default to X509_ASN_ENCODING
 -f           CertStore open flags.  Meaningful only if -y is set
 -y       CertStore provider name

ARTICLE TOOLS

Want to use this article? Click here for options!

Add a Comment

There are no comments to display. Be the first one!

You must log on before posting a comment.

Are you a new visitor? Register Here

VB Script to enable user account

Do any of you guys have a VB script that could be used to enable a AD user account? We are setting up a "firecall" ID which will stay disabled until i...222-96219

arp cache

Setup rights to helpdesk group to unlock shared files

Exchange Licenses

GOOGLE LINKS

To successfully implement virtual desktops, IT administrators must carefully match user requirements to specific desktop technologies. Listen to this podcast to learn what you need to keep in mind when formulating your approach to desktop virtualization.

Downloads

PacketTrap IT is a comprehensive and affordable network management and application monitoring solution that solves problems associated with bandwidth, network and application performance, and connectivity. Gain insight into your network - try PacketTrapIT free for 21 days!

Web Seminars

Aside from its employees, data is an organization’s most important resource. Join Windows technical specialist and 11-time MVP John Savill to learn the best practices for managing data using features in Windows Server.
View this web seminar on demand!

eLearning Series

We bring the experts direct to you to share their real-world perspective and expertise. During each event, three sessions stream in real time, so you can learn, ask questions, and get solutions.
Upcoming event: Getting the Most with Exchange 2010 with Paul Robichaux

Windows IT Pro, we're in IT with you