Feb 122013
 

For one build script I had to know whether certain certificate is present. It took me a while until I found Certutil. Assuming that you know a hash of desired key (and you should) command is simple:

CERTUTIL -silent -verifystore -user My e2d7b02c55d5fe76540bab384d85833376f94c13

In order to automate things you just need to extend it a bit to check exit code:

CERTUTIL -silent -verifystore -user My e2d7b02c55d5fe76540bab384d85833376f94c13
IF ERRORLEVEL 1 ECHO No certificate found.

All nice-and-dandy except that it does not work. For some reason Certutil always returns exit code 0 regardless of success. But not all is lost, command does set ERRORLEVEL environment variable (not the same thing as exit code):

CERTUTIL -silent -verifystore -user My e2d7b02c55d5fe76540bab384d85833376f94c13
IF NOT %ERRORLEVEL%==0 ECHO No certificate found.

 Leave a Reply

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>