how to find out the valid store names for certutil
Solution 1:
You can quickly get the list in Powershell:
PS> ls Cert:\LocalMachine
Name : TrustedPublisher
Name : ClientAuthIssuer
Name : Remote Desktop
Name : Root
Name : TrustedDevices
Name : WebHosting
Name : CA
Name : REQUEST
Name : AuthRoot
Name : TrustedPeople
Name : My
Name : SmartCardRoot
Name : Trust
Name : Disallowed
Solution 2:
Found a site with the valid store names which are:
ca -> Specifies certificates in the Intermediate Certification Authorities store
my -> Specifies certificates issued to the current user
root -> Specifies certificates in the Trusted Root Certification Authorities store
spc -> Specifies software publisher certificates
user_created_store -> Specifies the name of a user-created certificate store
Solution 3:
also:
- AddressBook -> specifies "Other People" store
- Trust -> specifies "Enterprise Trust" store
- TrustedPublisher -> specifies "Trusted Publishers" store
by the way, "spc" is not working for me
I think the list is here: http://msdn.microsoft.com/en-us/library/system.security.cryptography.x509certificates.storename.aspx
or here http://msdn.microsoft.com/en-us/library/microsoft.web.services2.security.x509.x509certificatestore_members.aspx
"root" and "trust" are not valid in the user context (when using -user switch)
Solution 4:
This will enumerate all certificate stores:
certutil -enumstore
certutil -enumstore output
Check this answer for naming discrepancies: Certutil naming mismatch