?
Solved

Using certutil -dspublish

Posted on 2006-05-10
9
Medium Priority
?
6,505 Views
Last Modified: 2008-01-09
If I used the command "certutil -dspublish Name.Cer" to publish a certificate to the DS store, then what command would I use to remove the same certificate and publish an updated version?

I'm asking because a script performs the publishing for me, and I don't have a script to peform the removal.

Thanks,
BBanis2K
0
Comment
Question by:bbanis2k
  • 4
  • 2
6 Comments
 
LVL 5

Expert Comment

by:kevinf40
ID: 16656953
Hi  bbanis2k

have a look at this technet page:

http://technet2.microsoft.com/WindowsServer/en/Library/a3d5dbb9-1bf6-42da-a13b-2b220b11b6fe1033.mspx?mfr=true

Specifically the sections on :

Certutil tasks for managing certificates
and
Certutil tasks for managing a Certification Authority (CA)

These have details on publishing, revoking and updating certificates.

Hope this helps!

cheers

K

0
 

Author Comment

by:bbanis2k
ID: 16658503
I tried the same command, with the -f switch so that it would overwrite the existing certficate.  Unfortunately it didn't work.

"certutil -dspublish -f Name.cer"
0
 
LVL 5

Expert Comment

by:kevinf40
ID: 16659031
Hi

If you try it using the -v option in addition to the -f does it give any useful error output?

I assume you are running this as a user with administrative privileges?
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 

Author Comment

by:bbanis2k
ID: 16659158
I get the below, no matter which switches I use.



Certificate already in DS store.

CertUtil: -dsPublish command completed successfully.
0
 
LVL 5

Accepted Solution

by:
kevinf40 earned 2000 total points
ID: 16660271
OK, it looks like the system thinks the cert you are trying to install is exactly the same as the one you have already got installed....

If you have a backup of the original certificate you could try using delstore to delete the existing one then try re-publishing the new one.

You could also view the installed certificate and compare it to the one you are trying to install.

I'll look into this further for you later.


0
 
LVL 5

Expert Comment

by:kevinf40
ID: 16881985
Hi Tolomir

I notice you have been clearing several questions up - good job!

I'm curious as to whether bbanis had any luck backing up the cert, and then deleting it and re-publishing it.

With regards to the points as I've only started answering questions in the last couple of months I'm happy to go with whatever you / the moderators deem fair.

cheers

Kevin
0

Featured Post

New feature and membership benefit!

New feature! Upgrade and increase expert visibility of your issues with Priority Questions.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article is about my experience upgrading my consulting machine to Windows 10 Version 1709 (The Fall 2017 Creator Update)
Securing your business data in current era should be your biggest priority. Numerous people are unaware of the fact that insiders commit more than 60 percent of security breaches. You need to figure out the underlying cause and invoke your potential…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
Suggested Courses

830 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question