我想知道是否有一个cmd将现有证书从一个商店复制到另一个商店.我正在尝试将证书从用户中间证书颁发机构存储(certutils -user -store ca fqdn-HOST-CA)复制到计算机的受信任的根证书颁发机构存储(certutils -store root fqdn-HOST-CA).我尝试使用-addstore将cmds连接在一起,但没有工作!
certutil.exe -addstore root | certutil.exe -store -user ca fqdn-HOST-CA
有任何想法吗?谢谢
我认为使用PowerShell可能是最佳选择.
$srcStoreScope = "CurrentUser" $srcStoreName = "CA" $srcStore = New-Object System.Security.Cryptography.X509Certificates.X509Store $srcStoreName,$srcStoreScope $srcStore.Open([System.Security.Cryptography.X509Certificates.OpenFlags]::ReadOnly) $cert = $srcStore.certificates -match "sometext" $dstStoreScope = "LocalMachine" $dstStoreName = "root" $dstStore = New-Object System.Security.Cryptography.X509Certificates.X509Store $dstStoreName,$dstStoreScope $dstStore.Open([System.Security.Cryptography.X509Certificates.OpenFlags]::ReadWrite) $dstStore.Add($cert[0]) $srcStore.Close $dstStore.Close #Write-Output $cert