Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 561
  • Last Modified:

Certificate import- windows 7

Hello
Installing certificates to the CA and the local personal computer store on Windows 7 clients. Using Certutil I'm able to the get the certs imported on the client using:

CERTUTIL -f -p "password" -importpfx" %LOGONSERVER%\netlogon\certificates\machine_cert.p12"

CERTUTIL -addstore -enterprise -f -v root "%LOGONSERVER%\netlogon\certificates\RootCA .pem"

However, the machine cert is getting imported into the Intermediate Certificate Authorities as well as the personal computer store. Is this due to the syntax I'm using above or just normal behavior? The machine cert only needs to be imported into the personal computer store so if possible don't want to import the cert where its not needed.
Thanks for the help
0
jwill80
Asked:
jwill80
1 Solution
 
footechCommented:
When I've used this the .PFX file has included a certificate chain so I would expect it to place each cert in the chain appropriately.  If your .PFX doesn't include a certificate chain that might be the reason for the behavior you're seeing.
Have you tried the NoChain or NoRoot modifiers for the certutil command?
0
 
jwill80Author Commented:
Since having the cert imported into the intermediate store isn't causing any issues will let CertUtil import it.
0

Featured Post

Lessons on Wi-Fi & Recommendations on KRACK

Simplicity and security can be a difficult  balance for any business to tackle. Join us on December 6th for a look at your company's biggest security gap. We will also address the most recent attack, "KRACK" and provide recommendations on how to secure your Wi-Fi network today!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now