How to find certificates on the server that do not show up in MMC

Posted on 2016-09-09
Medium Priority
Last Modified: 2016-09-14
I am in the process of upgrading SHA-1 certificates and some of the certificates do not show up in MMC. How can I find those certificates? Is there a way?
Question by:YZlat
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
LVL 18

Expert Comment

by:Emmanuel Adebayo
ID: 41791800
It seems you are looking at the wrong certificate store.

Check certificate stores for users, computers, and services.
LVL 35

Author Comment

ID: 41791900
The certificate owner told me they do not show up in MMC.  Do all the certificates show up there? What if certificate is simply copied into the application folder? How would I find it?
LVL 17

Accepted Solution

Learnctx earned 2000 total points
ID: 41793122
You might be using an application which does not use the Windows central store. Java applications for example often use a Java keystore in the application directory. Some applications load certs and cert chains directly from a config path. If the cert is in a Java keystore, look for the keystore. Look for a .jks. If the certs are just floating about in a directory then look for the certificate. Look for .cer, .crt, .pem for individual certs. Look for p7b for chains in a Windows format. If it loads the private key from the file then look for a .pfx extension.

Generally speaking the application documentation should tell you where the certs should be stored or how you can customise the cert location.
LVL 35

Author Comment

ID: 41794993
Is there a way I can retrieve all those using Powershell?
LVL 17

Expert Comment

ID: 41795175
I don't know without more info. Talk to the cert owner for more info, it sounds like they should be able to elaborate on why it is not in the cert store. Maybe they know where?

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
Check out the latest tech news, community articles, and expert highlights in August's newsletter.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
This video Micro Tutorial shows how to password-protect PDF files with free software. Many software products can do this, such as Adobe Acrobat (but not Adobe Reader), Nuance PaperPort, and Nuance Power PDF, but they are not free products. This vide…
Suggested Courses

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question