The certmgr tool is required to manage certificates.
Executing certmgr in cmd will pop up a certificate management tool, but you cannot use the command line to manage certificates, and additional tools are required
cermgr.exe: download link
https://pan.baidu.com/s/1wnA-i0ixhSftPsMxv8OQ-Q
Execute certmr.exe **** in the certmgr file directory
Example: delete the specified certificate:
CertMgr.Exe -del -c -n certificate name -s my
Add the specified certificate:
CertMgr.Exe -add -all certificate name -s my
The following is an introduction to the options of certmgr:
| /add |
Add the certificate, CTL and CRL to the certificate store. |
| /all |
Adds all items when used with /add . Deletes all items when used with /del . Displays all items when used without the /add or /delete options. The /all option cannot be used with /put . |
| /c |
Add a certificate when used with /add . Removes certificates when used with /del . Save the certificate when used with /put . Display certificates when used without the /add , /delete , or /put options. |
| /CRL |
Add or remove CRLs. Displays the CRL when used without the /add , /delete , or /put options. |
| /CTL |
Add or remove CTLs. Displays the CTL when used without the /add , /delete , or /put options. |
| /delete |
Deletes certificates, CTLs, and CRLs from the specified certificate store. |
| /e encodingType |
Specifies the certificate encoding type. |
| /f dwFlags |
Specifies the store open flag. This is the dwFlags parameter passed to CertOpenStore . The default value is CERT_SYSTEM_STORE_CURRENT_USER. This option is only considered when using the /y option. |
| /h[elp] |
Displays the command syntax and options for the tool. |
| /n commonName String |
Specifies the common name of the certificate to add, delete, or save. This option can only be used for certificates, not CTLs or CRLs. |
| /put |
Save the X.509 certificate, CTL or CRL in the certificate store to a file. The file will be saved in X.509 format. The /7 option can be used with the /put option to save the file in PKCS #7 format. The /put option must be followed by /c , /CTL , or /CRL . The /all option cannot be used with /put . |
| /r registry location |
Identifies the registry location of the system store. This option is only considered when the /s option is specified . Registry location must be one of the following values:
|
| /s |
Indicates that the certificate store is the system store. If this option is not specified, the store is a StoreFile . |
| / sha1 sha1Hash |
Specifies the SHA1 hash of the certificate, CTL, or CRL to add, remove, or save. |
| /v |
Specifies verbose mode; displays detailed information about certificates, CTLs, and CRLs. This option cannot be used with the /add , /delete , or /put options. |
| /y storeProviderType |
Specifies the bucket provider type. |
| /7 |
Save the target store as a PKCS#7 object. |
| /? |
Displays the command syntax and options for the tool. |