I am trying to import two certificates to my local machine using the command line.
I have one certificate to add to the Personal Store of the local machine, and another one to add to the Trusted Root Certification Authorities.
Here is the command to had to Personal Store and not to add at root:
certutil -f -importpfx CA.pfx NoRoot
And to add at Trusted Root and not personal ? Is there any tag ? I didn't found at command help "/?"
Expand the Computer Configuration section and open Windows Settings\Security Settings\Public Key. Right-click Trusted Root Certification Authorities and select Import. Follow the prompts in the wizard to import the root certificate (for example, rootCA. cer) and click OK.
Look at the documentation of certutil.exe and -addstore option.
I tried
certutil -addstore "Root" "c:\cacert.cer"
and it worked well (meaning The certificate landed in Trusted Root of LocalMachine store).
EDIT:
If there are multiple certificates in a pfx file (key + corresponding certificate and a CA certificate) then this command worked well for me:
certutil -importpfx c:\somepfx.pfx
EDIT2:
To import CA certificate to Intermediate Certification Authorities store run following command
certutil -addstore "CA" "c:\intermediate_cacert.cer"
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With