How to find certificates on the server that do not show up in MMC

Posted on 2016-09-09
Last Modified: 2016-09-14
I am in the process of upgrading SHA-1 certificates and some of the certificates do not show up in MMC. How can I find those certificates? Is there a way?
Question by:YZlat
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
LVL 17

Expert Comment

by:Emmanuel Adebayo
ID: 41791800
It seems you are looking at the wrong certificate store.

Check certificate stores for users, computers, and services.
LVL 35

Author Comment

ID: 41791900
The certificate owner told me they do not show up in MMC.  Do all the certificates show up there? What if certificate is simply copied into the application folder? How would I find it?
LVL 17

Accepted Solution

Learnctx earned 500 total points
ID: 41793122
You might be using an application which does not use the Windows central store. Java applications for example often use a Java keystore in the application directory. Some applications load certs and cert chains directly from a config path. If the cert is in a Java keystore, look for the keystore. Look for a .jks. If the certs are just floating about in a directory then look for the certificate. Look for .cer, .crt, .pem for individual certs. Look for p7b for chains in a Windows format. If it loads the private key from the file then look for a .pfx extension.

Generally speaking the application documentation should tell you where the certs should be stored or how you can customise the cert location.
LVL 35

Author Comment

ID: 41794993
Is there a way I can retrieve all those using Powershell?
LVL 17

Expert Comment

ID: 41795175
I don't know without more info. Talk to the cert owner for more info, it sounds like they should be able to elaborate on why it is not in the cert store. Maybe they know where?

Featured Post

Webinar: Aligning, Automating, Winning

Join Dan Russo, Senior Manager of Operations Intelligence, for an in-depth discussion on how Dealertrack, leading provider of integrated digital solutions for the automotive industry, transformed their DevOps processes to increase collaboration and move with greater velocity.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Most MSPs worth their salt are already offering cybersecurity to their customers. But cybersecurity as a service is wide encompassing and can mean many things.  So where are MSPs falling in this spectrum?
Many old projects have bad code, but the budget doesn't exist to rewrite the codebase. You can update this code to be safer by introducing contemporary input validation, sanitation, and safer database queries.
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question