How to Import a Certificate
I need to script the export of a cert from our Windows store into Firefox. I am having trouble getting the cert into the correct "container". The certificate, as generated from a command line as well, is a .pfx file with a password. I can manually import the cert into Firefox under the "Your Certificates" tab of the Certificate Manager. However, when I run the command line, it dumps the cert under the tab labeled "Others" and the website we're trying to access either can't find the cert there or there's a problem with the import itself.
My first couple of attempts failed with errors, but following up on them I found a site that suggested I convert the .pfx file to a .pem file. I followed those instructions and the command line no runs without error. The other thing to note here is using the GUI, I cannot import the .PEM file.
Assuming that the .pem file is encoded and formatted correctly, how can I get this line of code to put the cert into the right container?
certutil -A -n "My Certificate" -d c:\temp\CertImport -t "CTu,," -u "c" -a -f pword.txt -i CertEric.pem (I added the '-f' argument in case its needed to import the password protected file. I've run this both with and without it and got the same results.)
I also exported the cert in a .cer format. Here are some other attempts and results: certutil -A -n "My Certificate" -d c:\temp\CertImport -t "CTu,," -u "c" -a -f pword.txt -i CertEric.pfx certutil: could not obtain certificate from file: security library: improperly formatted DER-encoded message.
certutil -A -n "My Certificate" -d c:\temp\CertImport -t "CTu,," -u "c" -a -f pword.txt -i CertEric.cer certutil: could not obtain certificate from file: security library: improperly formatted DER-encoded message. (Although, dropping the '-a' argument allowed this command to complete without error.)
certutil -A -n "My Certificate" -d c:\temp\CertImport -t "CTu,," -u "c" -f pword.txt -i CertEric.pfx certutil: could not obtain certificate from file: security library: invalid arguments. (This one uses the .pfx file and drops the '-a' argument)
Any ideas? Thanks for your time.
Eric
All Replies (1)
Kesla, Thank you for elaborating on the description of your issue, however this may be beyond the scope of this support forum. The communities listed here: https://developer.mozilla.org/en-US/d.../NSS would be the best place to ask this question.
Sorry for the delay, and I hope this puts you in the right hands.