Import Certificate to Trusted Root but not to Personal [Command Line]

127,545

Solution 1

Look at the documentation of certutil.exe and -addstore option.

I tried

certutil -addstore "Root" "c:\cacert.cer"

and it worked well (meaning The certificate landed in Trusted Root of LocalMachine store).

EDIT:

If there are multiple certificates in a pfx file (key + corresponding certificate and a CA certificate) then this command worked well for me:

certutil -importpfx c:\somepfx.pfx

EDIT2:

To import CA certificate to Intermediate Certification Authorities store run following command

certutil -addstore "CA" "c:\intermediate_cacert.cer"

Solution 2

The below 'd help you to add the cert to the Root Store-

certutil -enterprise -f -v -AddStore "Root" <Cert File path>

This worked for me perfectly.

Solution 3

To print the content of Root store:

certutil -store Root

To output content to a file:

certutil -store Root > root_content.txt

To add certificate to Root store:

certutil -addstore -enterprise Root file.cer
Share:
127,545
TiagoM
Author by

TiagoM

I got really excited very early in my career about all the dynamic and generic platform systems that can build any other system. I really like to develop generic solutions, that can handle multiple purposes. The most difficult part is handling all the system architecture and resulting in a good solution, that's the main focus on my job, my concerns are all about good development practices and solution's architecture. My thesis is about Model-Driven Engineering and of course Model-Driven Reverse Engineering, I am trying to use MoDisco with a specific C# Discoverer. I have experience also with detecting Code Smells and refactoring big solutions with other automatized tools like PHPMD for instance. I also have a lot of experience in software development, using Visual Studio managing all the project life-cycle purely integrated with TFS (Team Foundation Server), I have been working in all my professional projects using Agile Approach Methods, like for instance, Scrum. To be honest, and perhaps very little humble, I consider myself a valuable asset for any company concerning my academic (best-student award) and professional (promoted twice in 3 years) paths. On my free-time I love to jump around the streets doing my best at Parkour after a long day at work !! At night I like to go with some friends for cozy avenues listening and dancing some groove or prog music :)

Updated on November 16, 2020

Comments

  • TiagoM
    TiagoM over 3 years

    I am trying to import two certificates to my local machine using the command line.

    I have one certificate to add to the Personal Store of the local machine, and another one to add to the Trusted Root Certification Authorities.

    Here is the command to had to Personal Store and not to add at root:

    certutil -f -importpfx CA.pfx NoRoot

    And to add at Trusted Root and not personal ? Is there any tag ? I didn't found at command help "/?"