Command-Line PKI Tools

The Certification Authority console provides the most convenient place to manage a CA trust hierarchy. Several command-line tools in the Resource Kit, however, offer functionality that is not present in the MMC console.

CERTUTIL

This utility allows you to dump, view, and manage certificates and CRLs issued by any CA over which you have administrative rights. You can also manage the CA database. Run certutil /? to get a list of switches and their functions.

For example:

 C:\>certutil -verify server1.windomain.net_server1.crt
 Issuer:
     CN=PolicyCA-1
     O=Windomain
     L=Phoenix
     S=AZ
     C=US
     E=administrator@windomain.ent
 Subject:
     CN=Server1
     O=Windomain
     L=Phoenix
     S=AZ
     C=US
     E=administrator@windomain.net
 Cert Serial Number: 611227e4000000000003
 ...
