Solved

Certificate import- windows 7

Posted on 2013-12-02
2
533 Views
Last Modified: 2013-12-23
Hello
Installing certificates to the CA and the local personal computer store on Windows 7 clients. Using Certutil I'm able to the get the certs imported on the client using:

CERTUTIL -f -p "password" -importpfx" %LOGONSERVER%\netlogon\certificates\machine_cert.p12"

CERTUTIL -addstore -enterprise -f -v root "%LOGONSERVER%\netlogon\certificates\RootCA .pem"

However, the machine cert is getting imported into the Intermediate Certificate Authorities as well as the personal computer store. Is this due to the syntax I'm using above or just normal behavior? The machine cert only needs to be imported into the personal computer store so if possible don't want to import the cert where its not needed.
Thanks for the help
0
Comment
Question by:jwill80
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 40

Accepted Solution

by:
footech earned 500 total points
ID: 39693246
When I've used this the .PFX file has included a certificate chain so I would expect it to place each cert in the chain appropriately.  If your .PFX doesn't include a certificate chain that might be the reason for the behavior you're seeing.
Have you tried the NoChain or NoRoot modifiers for the certutil command?
0
 
LVL 1

Author Comment

by:jwill80
ID: 39736625
Since having the cert imported into the intermediate store isn't causing any issues will let CertUtil import it.
0

Featured Post

Get your Disaster Recovery as a Service basics

Disaster Recovery as a Service is one go-to solution that revolutionizes DR planning. Implementing DRaaS could be an efficient process, easily accessible to non-DR experts. Learn about monitoring, testing, executing failovers and failbacks to ensure a "healthy" DR environment.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

OpenVPN is a great open source VPN server that is capable of providing quick and easy VPN access to your network on the cheap.  By default the software is configured to allow open access to your network.  But what if you want to restrict users to on…
When you start your Windows 10 PC and got an "Operating system not found" error or just saw  "Auto repair for startup" or a blinking cursor with black screen. A loop for Auto repair will start but fix nothing.  You will be panic as there are no back…
The viewer will learn how to use a discrete random variable to simulate the return on an investment over a period of years, create a Monte Carlo simulation using the discrete random variable, and create a graph to represent the possible returns over…
The viewer will learn how to successfully create a multiboot device using the SARDU utility on Windows 7. Start the SARDU utility: Change the image directory to wherever you store your ISOs, this will prevent you from having 2 copies of an ISO wit…
Suggested Courses

626 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question