SyntaxFix

[windows] Import Certificate to Trusted Root but not to Personal [Command Line]

I am trying to import two certificates to my local machine using the command line.

I have one certificate to add to the Personal Store of the local machine, and another one to add to the Trusted Root Certification Authorities.

Here is the command to had to Personal Store and not to add at root:

certutil -f -importpfx CA.pfx NoRoot

And to add at Trusted Root and not personal ? Is there any tag ? I didn't found at command help "/?"

This question is related to windows certificate root trusted certutil

The answer is

If there are multiple certificates in a pfx file (key + corresponding certificate and a CA certificate) then this command worked well for me:

certutil -importpfx c:\somepfx.pfx this works but still a password is needed to be typed in manually for private key. Including -p and "password" cause error too many arguments for certutil on XP

Look at the documentation of certutil.exe and -addstore option.

I tried 

certutil -addstore "Root" "c:\cacert.cer"

and it worked well (meaning The certificate landed in Trusted Root of LocalMachine store).

EDIT:

If there are multiple certificates in a pfx file (key + corresponding certificate and a CA certificate) then this command worked well for me:

certutil -importpfx c:\somepfx.pfx

EDIT2:

To import CA certificate to Intermediate Certification Authorities store run following command

certutil -addstore "CA" "c:\intermediate_cacert.cer"

To print the content of Root store:

certutil -store Root

To output content to a file:

certutil -store Root > root_content.txt

To add certificate to Root store:

certutil -addstore -enterprise Root file.cer

There is a fairly simple answer with powershell.

Import-PfxCertificate -Password $secure_pw  -CertStoreLocation Cert:\LocalMachine\Root -FilePath certs.pfx

The trick is making a "secure" password...

$plaintext_pw = 'PASSWORD';
$secure_pw = ConvertTo-SecureString $plaintext_pw -AsPlainText -Force; 
Import-PfxCertificate -Password $secure_pw  -CertStoreLocation Cert:\LocalMachine\Root -FilePath certs.pfx;

The below 'd help you to add the cert to the Root Store-

certutil -enterprise -f -v -AddStore "Root" <Cert File path>

This worked for me perfectly.

Source: Stackoverflow.com

Examples related to windows

"Permission Denied" trying to run Python on Windows 10 A fatal error occurred while creating a TLS client credential. The internal error state is 10013 How to install OpenJDK 11 on Windows? I can't install pyaudio on Windows? How to solve "error: Microsoft Visual C++ 14.0 is required."? git clone: Authentication failed for <URL> How to avoid the "Windows Defender SmartScreen prevented an unrecognized app from starting warning" XCOPY: Overwrite all without prompt in BATCH Laravel 5 show ErrorException file_put_contents failed to open stream: No such file or directory how to open Jupyter notebook in chrome on windows Tensorflow import error: No module named 'tensorflow'

Examples related to certificate

Distribution certificate / private key not installed When you use 'badidea' or 'thisisunsafe' to bypass a Chrome certificate/HSTS error, does it only apply for the current site? Cannot install signed apk to device manually, got error "App not installed" Using client certificate in Curl command Convert .cer certificate to .jks SSL cert "err_cert_authority_invalid" on mobile chrome only Android Studio - Unable to find valid certification path to requested target SSL: error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch Verify a certificate chain using openssl verify Import Certificate to Trusted Root but not to Personal [Command Line]

Examples related to root

SQLSTATE[HY000] [1698] Access denied for user 'root'@'localhost' Connect to docker container as user other than root MySQL user DB does not have password columns - Installing MySQL on OSX vagrant login as root by default adb shell su works but adb root does not Android: adbd cannot run as root in production builds How to get domain root url in Laravel 4? Import Certificate to Trusted Root but not to Personal [Command Line] How to check if running as root in a bash script Access Denied for User 'root'@'localhost' (using password: YES) - No Privileges?

Examples related to trusted

Import Certificate to Trusted Root but not to Personal [Command Line] OpenSSL: PEM routines:PEM_read_bio:no start line:pem_lib.c:703:Expecting: TRUSTED CERTIFICATE

Examples related to certutil

Import Certificate to Trusted Root but not to Personal [Command Line] Import pfx file into particular certificate store from command line

Tags

Accurev Bytearrayinputstream Google-eclipse-plugin Shape Phase Starman Traceability Combres Syndicationfeed Recompile Jquery-tools Interbase Spring.net Absolute-path Global.asa Mount-point Field Nspathcontrol Syncml Rawcontacts Null-string Facebooktoolkit Hibernate-search Locked-files Project-server Subscribe2 Pseudocode Dsoframer Composite-component Predict Hoard Stored-procedures Dynamic-usercontrols Vista-security Ascii Belongs-to Glazedlists Paypal-buttons Filezilla Weather-api Expression-blend-4 Code-patching Mappath Modifiers Nsdata Ctabitem Developer-machine Mongokit Class-extensions Parseexception Mail-server Dummy-data Gwt-tablayoutpanel Rich-media Reroute ui-select2 Textpattern Dompdf Make-install Wtai Datatables Ownerdrawn Static-polymorphism Bulkloader Insertion Ccnet-config Uframe Anti-join Reddot Main-memory-database Cognos Cortex-a8 Jxl Preloader Ora-06512 Default-scope Text-search Codesite Inequalities Aero-peek Protected-mode E-commerce Modelvisual3d Contextual-binding Crowd Jms Package-private Windows-explorer Tablelayoutpanel Concave Id3lib Unix-socket Sql-server-2008 Standby Virtualization Servicebehavior Numeric-limits Project-structure Fsevents User-friendly