Questions tagged [certutil]
23 questions
13
votes
1 answer
How to find out where a Certificate Request came from
I have a CA setup on Server 2012 R2, the person who ran the server left the company and I have setup a new CA server.
I am trying to figure out what systems / URL's the certs are for.
In the List of Issued Certificated is the following:
Request ID:…
Anthony Fornito
- 9,596
5
votes
1 answer
How do I sign a new FreeIPA Server's internal CA with my organizational internal CA?
My organization has an internal Certificate Authority (CA) which we have already generated many internal certificates and have installed on machines.
I am setting up a FreeIPA LDAP/Kerberos server and after the initial install, it has generated an…
Josh
- 9,398
5
votes
1 answer
How to replace a certificate with certutil?
We have an application which runs a batch script which installs an OCA and certificates signed by that OCA to a set of Windows machines.
Unfortunately the OCA certificate has expired, and certutil produces errors when we run the script, because the…
Thomas
- 153
3
votes
1 answer
How to import SSL certificates in a 389 Directory Server using the command line?
I am trying to setup a new 389 Directory Server in a RHEL machine and I am trying to configure SSL for LDAPS using the command line.
I have just spent several hours digging through every piece of information on how to do this but every page keeps…
ByteFlinger
- 193
2
votes
1 answer
Can't import PFX with CERTUTIL -- "Keyset does not exist"
We have a PFX file that when used on any other Windows system (Server 2008 R2, 7, 8) installs fine. On 2 of my servers, the import fails like so:
CertUtil: -importPFX command FAILED: 0x80090016 (-2146893802)
CertUtil: Keyset does not exist
We…
neildeadman
- 734
1
vote
0 answers
How does certutil determine that a cert is revoked
I'm testing that an x509 certificate can be correctly determined to be revoked. I'm taking the cert from https://revoked.badssl.com and verifying it via certutil. When my system is online, it seems to pull the CRL and determine that it is revoked. I…
Stealth Rabbi
- 111
1
vote
1 answer
CRL revocation check failed
Issue with crl revocation check.
I can telnet target server on port 80.
I can download crl with internet explorer.
But when i launch certutil :
C:\Users\Administrateur\Desktop>certutil -urlfetch -verify alex.cer
Émetteur:
CN=get-SRV-DC-CA
…
Alex Lum
- 267
1
vote
0 answers
Using Certutil to manage CA, show certificates for requester name/id and revoke
I am searching for another way to manage my CA.
I wrote a powershell script, which allows me to show all my certificates for a specified requester name or request id and to revoke those certificates.
Is it possible to do this in certutil?
I can't…
Envy
- 23
1
vote
1 answer
Certutil in CentOS complaining of an incorrect password
I just setup a minimum Centos 7 and ran pwgen and tried to create a new database. It complains that it is the incorrect password.
These are my commands:
# pwgen -sy 32 1 > /etc/openldap/certs/password
# certutil -d /etc/openldap/certs -N -f…
kevbuntu
- 169
1
vote
0 answers
network device enrollment service greyed out
I've recently installed AD Certification Authority on one of our DCs. It acts as a subordinate enterprise CA, the Root CA is a standalone offline root CA and there is no connection between those two CAs. I've requested a Certificate for the…
ITguy
- 11
1
vote
1 answer
Certificate status still pending even after completion
I have exchange 2013 on Azure VM which is also a DC. for using services like autodiscover etc I need to get a valid 3rd Party certificate which I got from STARTSSL, I generated the request and got the certificate downloaded along with private key…
Mashal Khan
- 15
1
vote
1 answer
Easiest way to generate PFX certificate (Windows)
At the moment to generate PFX Certificate, I use openssl and:
Generate a CSR with its private key
Connect to my CA website (Microsoft CA), and submit CSR along with (san:dns=) additional attribute.
From certificate authority I issue the pending…
Florian Bidabé
- 334
1
vote
1 answer
How to convert a CER file to PFX using certutil
I have an SSL certificate from GoDaddy in the following formats
CRT
PEM
P7B
I also downloaded the CSR and private key as text files.
However I need to convert these to PFX format in order to install the certificate on an Azure App Service. I…
Martin Vaughan
- 111
1
vote
1 answer
check MD5 checksums from md5 file in Windows
Hopefully a simple question, does a simple Windows command line equivalent to md5sum --check [files.md5] exist? Alternatively, something I can script as a batch file.
I can generate the hashes file fine, but it's the check at the destination,…
16shells
- 11
1
vote
2 answers
How to Delete CRL Files in Local Cert Store
I need to import CRL files to a Bastion server that is not part of my environments domain. The CRL files are updated every few days so a new copy needs to be imported to the local cert store on the Bastion frequently.
I noticed when I do a fresh…
jrd1989
- 728
- 4
- 24
- 55