locked
PKI and certificates RRS feed

  • Question

  • Hi,
    I am sure that not the right place, but I could not find one!
    I have a Microsoft CA running on Windows Server 2003. I need to extract a list of all the certificates issued by the CA (certificates are not published to AD). I did not find a command to do it. I tried many solutions with certutil.exe, but no way.
    - Is it allowed? If yes, how to do it?
    - Is there an .NET API to do the equivalent things than certutil.exe and certreq.exe (request a certificate, validate a request...)

    Many thanks.
    Alex

    Thursday, April 10, 2008 3:17 PM

Answers

  • Dear frederikm,
    Thanks for the answer.
    I have already tried this solution: certificates issued by the CA are not stored in the store of the computer but in an internal database.
    Alex
    Monday, April 14, 2008 7:19 AM

All replies

  • Alex

     

    - have you tried

    C:\Program Files\Microsoft Visual Studio .NET\FrameworkSDK\Bin\certmgr.exe

    (this is a framework tool, depends on the framework installation path)

     

    - api:

    to the best of my knowledge i can only say for sure that i know you can iterate over the certificates in a store (those installed on a certain computer)

     

    the api for this is found within the WSE extensions Microsoft.Web.Services3.Security

     

    so you could try those...

     

    Hope this helps you out

     

     

     

     

    Sunday, April 13, 2008 8:50 AM
  • Dear frederikm,
    Thanks for the answer.
    I have already tried this solution: certificates issued by the CA are not stored in the store of the computer but in an internal database.
    Alex
    Monday, April 14, 2008 7:19 AM