Importing .PEM certificates on Windows 7 on the command line

You need to use certutil.exe instead:

certutil -addstore -enterprise -f "Root" <pathtocertificatefile>

will add the certificate to the Trusted Root Certification Authorities store.

If you want to add an Intermediate Certification Authority, replace Root with CA; to add to your Personal store, change it to My.

All of the above adds the certificate to the Local Computer store. To add to the User store, remove the -enterprise from the command line:

certutil -addstore -f "Root" <pathtocertificatefile>

The -f in the command simply forces an overwrite in the case where the certificate is already installed.
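
For a rollout across many machines, the import can be wrapped so that a file is only added to the trusted roots when it matches a thumbprint obtained out-of-band. The script below is an added example, not part of the original answer; it calls certutil without -enterprise or -user from an elevated prompt and confirms the result in Cert:\LocalMachine\Root. The thumbprint value is a placeholder and the helper name ConvertTo-CleanThumbprint is hypothetical.

```powershell
# Added example: thumbprint-pinned import of a PEM root certificate.
# Run elevated. Written to work on PowerShell 2.0 (the Windows 7 default).
param(
    [string]$CertPath = 'C:\certificate.pem',                   # path used in the question
    [string]$ExpectedThumbprint = '<EXPECTED-SHA1-THUMBPRINT>'  # placeholder, obtain out-of-band
)

$ErrorActionPreference = 'Stop'

function ConvertTo-CleanThumbprint([string]$Value) {
    # Drop spaces, colons and invisible characters that GUI dialogs add when copying.
    return ($Value -replace '[^0-9A-Fa-f]', '').ToUpperInvariant()
}

function Test-InMachineRoot([string]$Thumbprint) {
    # True when a certificate with this thumbprint is in the machine Root store.
    $hit = Get-ChildItem Cert:\LocalMachine\Root |
        Where-Object { $_.Thumbprint -eq $Thumbprint }
    return [bool]$hit
}

if (-not (Test-Path $CertPath)) { throw "Certificate file not found: $CertPath" }
$fullPath = (Resolve-Path $CertPath).ProviderPath

$expected = ConvertTo-CleanThumbprint $ExpectedThumbprint
if ($expected.Length -ne 40) {
    throw 'ExpectedThumbprint must be a 40-hex-digit SHA-1 thumbprint.'
}

# X509Certificate2 reads Base64 (PEM) as well as DER-encoded certificate files.
$cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 -ArgumentList $fullPath

if ($cert.Thumbprint -ne $expected) {
    throw "Thumbprint mismatch: file has $($cert.Thumbprint); refusing to import."
}
if ($cert.NotAfter -lt (Get-Date)) {
    throw "Certificate expired on $($cert.NotAfter); refusing to import."
}

# Only write to the store when needed, so repeated runs change nothing.
if (-not (Test-InMachineRoot $expected)) {
    & certutil.exe -addstore -f Root $fullPath | Out-Null
    if ($LASTEXITCODE -ne 0) { throw "certutil failed with exit code $LASTEXITCODE" }
    if (-not (Test-InMachineRoot $expected)) {
        throw 'certutil reported success but the certificate is not in LocalMachine\Root.'
    }
}
Write-Output "Trusted root present: $($cert.Subject) [$expected]"
```

The script throws on a missing file, a thumbprint mismatch or an expired certificate, so a deployment tool can treat any failure as "not imported".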

Author by

Ben N

Software developer, general IT consultant, and PowerShell enthusiast. Creator of Policy Plus, SprintDLL, Abiathar, and TextMarshal. Enneagram 5.

Updated on September 18, 2022

Comments

  • Ben N
    Ben N over 1 year

    I need to import a PEM certificate on a massive number of freshly installed Windows 7 Enterprise machines.

    Normally, I would do it through MMC → Certificates (Local Computer) snap-in → Trusted Root Certificates → Import, but I need to speed things up. Therefore, I'd like to use only the command prompt.

    With certmgr.exe (not certmgr.msc!), I would type:

    certmgr.exe -add -c C:\certificate.pem -s -r localMachine root
    

    The problem is that certmgr.exe does not exist in Windows 7. How then can I add a certificate from the command line?

  • KeyszerS
    KeyszerS almost 8 years
    One of the most useful answers I've seen for a long time, especially with the additional hints. Upvoted.
  • David162795
    David162795 almost 7 years
    Where to get certutil.exe? The only links I found are for 32-bit only
  • garethTheRed
    garethTheRed almost 7 years
    On every Windows computer :-) It should be installed by default on every Windows installation.
  • antak
    antak about 5 years
    "To add to the User store remove the -enterprise": Removing -enterprise appears to try to add it to the machine store, and -user was required to choose the user store. Maybe things changed in Windows 10. Here's the relevant doc: "Use -user to access a user store instead of a machine store." -- docs.microsoft.com/en-us/windows-server/administration/…