Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

ull backup of all certs certutil where, not exists

Posted on 2014-01-23
1
Medium Priority
?
512 Views
Last Modified: 2014-02-11
Need to have a full backup of all certs

C:\Users\jazz>certutil -ping
CertUtil: -ping command FAILED: 0x80070002 (WIN32: 2)
CertUtil: The system cannot find the file specified.

W2008R2
0
Comment
Question by:jazzIIIlove
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 30

Accepted Solution

by:
Rich Weissler earned 2000 total points
ID: 39804180
I believe the ping verb in certutil requires a destination.
C:\Users\razmus.TEST>certutil -ping localca
Connecting to localca ...
Server "test-LOCALCA-CA" ICertRequest2 interface is alive (78ms)
CertUtil: -ping command completed successfully.

Open in new window


If you have access to the console of the CA server, the you can perform a 'certutil -backup <destinationfolder>' to backup the CA, which will get the certificates.  (It will ask for a password on the backup itself.)

C:\temp\cabackup>certutil -backup c:\temp\cabackup
Enter new password:
Confirm new password:
Backed up keys and certificates for LOCALCA.test.local\test-LOCALCA-CA to c:\tem
p\cabackup\test-LOCALCA-CA.p12.
Full database backup for LOCALCA.test.local\test-LOCALCA-CA.
Backing up Database files: 100%
Backing up Log files: 100%
Truncating Logs: 100%
Backed up database to c:\temp\cabackup.
Database logs successfully truncated.
CertUtil: -backup command completed successfully.

Open in new window

0

Featured Post

Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There are many Password Managers (PM) out there to choose from. PM's can help with your password habits and routines, but they should not be a crutch you rely on too heavily. I also have an article for company/enterprise PM's.
For anyone that has accidentally used newSID with Server 2008 R2 (like I did) and hasn't been able to get the server running again because you were unlucky (as I was) and had no backups - I was able to get things working by doing a Registry Hive rec…
This tutorial will walk an individual through the steps necessary to configure their installation of BackupExec 2012 to use network shared disk space. Verify that the path to the shared storage is valid and that data can be written to that location:…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
Suggested Courses

721 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question