Certificate import- windows 7

Hello
Installing certificates to the CA and the local personal computer store on Windows 7 clients. Using Certutil I'm able to the get the certs imported on the client using:

CERTUTIL -f -p "password" -importpfx" %LOGONSERVER%\netlogon\certificates\machine_cert.p12"

CERTUTIL -addstore -enterprise -f -v root "%LOGONSERVER%\netlogon\certificates\RootCA .pem"

However, the machine cert is getting imported into the Intermediate Certificate Authorities as well as the personal computer store. Is this due to the syntax I'm using above or just normal behavior? The machine cert only needs to be imported into the personal computer store so if possible don't want to import the cert where its not needed.
Thanks for the help
LVL 1
jwill80Asked:
Who is Participating?
 
footechConnect With a Mentor Commented:
When I've used this the .PFX file has included a certificate chain so I would expect it to place each cert in the chain appropriately.  If your .PFX doesn't include a certificate chain that might be the reason for the behavior you're seeing.
Have you tried the NoChain or NoRoot modifiers for the certutil command?
0
 
jwill80Author Commented:
Since having the cert imported into the intermediate store isn't causing any issues will let CertUtil import it.
0
All Courses

From novice to tech pro — start learning today.