Using certutil -dspublish

Posted on 2006-05-10
Last Modified: 2008-01-09
If I used the command "certutil -dspublish Name.Cer" to publish a certificate to the DS store, then what command would I use to remove the same certificate and publish an updated version?

I'm asking because a script performs the publishing for me, and I don't have a script to peform the removal.

Question by:bbanis2k
    LVL 5

    Expert Comment

    Hi  bbanis2k

    have a look at this technet page:

    Specifically the sections on :

    Certutil tasks for managing certificates
    Certutil tasks for managing a Certification Authority (CA)

    These have details on publishing, revoking and updating certificates.

    Hope this helps!




    Author Comment

    I tried the same command, with the -f switch so that it would overwrite the existing certficate.  Unfortunately it didn't work.

    "certutil -dspublish -f Name.cer"
    LVL 5

    Expert Comment


    If you try it using the -v option in addition to the -f does it give any useful error output?

    I assume you are running this as a user with administrative privileges?

    Author Comment

    I get the below, no matter which switches I use.

    Certificate already in DS store.

    CertUtil: -dsPublish command completed successfully.
    LVL 5

    Accepted Solution

    OK, it looks like the system thinks the cert you are trying to install is exactly the same as the one you have already got installed....

    If you have a backup of the original certificate you could try using delstore to delete the existing one then try re-publishing the new one.

    You could also view the installed certificate and compare it to the one you are trying to install.

    I'll look into this further for you later.

    LVL 5

    Expert Comment

    Hi Tolomir

    I notice you have been clearing several questions up - good job!

    I'm curious as to whether bbanis had any luck backing up the cert, and then deleting it and re-publishing it.

    With regards to the points as I've only started answering questions in the last couple of months I'm happy to go with whatever you / the moderators deem fair.



    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    IT, Stop Being Called Into Every Meeting

    Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

    Suggested Solutions

    Title # Comments Views Activity
    Malware 5 52
    Forest Trust  vs ADFS 4 109
    Sonicwall Security Service questions 2 38
    deny local logon 12 34
    Phishing is at the top of most security top 10 efforts you should be pursuing in 2016 and beyond. If you don't have phishing incorporated into your Security Awareness Program yet, now is the time. Phishers, and the scams they use, are only going to …
    Container Orchestration platforms empower organizations to scale their apps at an exceptional rate. This is the reason numerous innovation-driven companies are moving apps to an appropriated datacenter wide platform that empowers them to scale at a …
    Sending a Secure fax is easy with eFax Corporate ( First, Just open a new email message.  In the To field, type your recipient's fax number You can even send a secure international fax — just include t…
    This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor ( If you're looking for how to monitor bandwidth using netflow or packet s…

    760 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    15 Experts available now in Live!

    Get 1:1 Help Now