Hey everyone! I'm trying to put together a script to check for duplicate certificates on my CA server, particularly those that have the same Issued Common Name. I stumbled upon the **certutil** command and while the Microsoft Learn documentation gave a lot of useful information, it also included a warning about its use in production environments. Has anyone actually used certutil on a live CA server? Is it really safe to use in a production setting?
3 Answers
Certutil isn’t designed as a PowerShell cmdlet, so keep that in mind. It’s been used in older prod setups, and while there are plans to phase it out eventually, many rely on it now without major issues.
If you need to filter out duplicates, you might also consider using `Get-ChildItem Cert:\ -Recurse | Select-Object -Unique`, but just be aware that this only checks certificates in local user or machine stores and doesn’t dive into the CA database.
Certutil is definitely an old tool, but it's still reliable. That said, you might want to check out the more modern PSPKI module for a fresher approach. You can find it on GitHub and it could simplify your tasks.
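One way to do the duplicate check the question asks about, as an added example that is not from any of the answers: group rows from a CA database export by Issued Common Name and report names that appear more than once. The function name `Get-DuplicateIssuedName`, the sample rows, and the CSV column headers are assumptions; the `certutil -view` query in the comment only reads from the CA database.

```powershell
# Constructed sample standing in for a CA database export. On a CA server the rows
# could come from a read-only query such as the following (assumption: verify the
# column headers against your own output before relying on them):
#   certutil -view -restrict "Disposition=20" -out "RequestID,CommonName,NotAfter" csv
$sampleCsv = @'
"Request ID","Issued Common Name","Certificate Expiration Date"
"101","web01.example.test","3/1/2026 10:00 AM"
"118","web01.example.test","9/1/2026 10:00 AM"
"102","sql01.example.test","4/15/2026 8:30 AM"
"130","WEB01.example.test ","1/10/2027 2:00 PM"
"131","","6/6/2026 9:00 AM"
'@

function Get-DuplicateIssuedName {
    param(
        [Parameter(Mandatory)] [object[]] $Row,
        [string] $NameColumn = 'Issued Common Name',
        [string] $IdColumn   = 'Request ID'
    )
    $Row |
        # Skip rows with no common name so blanks are not reported as one big duplicate.
        Where-Object { -not [string]::IsNullOrWhiteSpace($_.$NameColumn) } |
        # Normalise case and stray whitespace so "WEB01 " and "web01" group together.
        Group-Object { $_.$NameColumn.Trim().ToLowerInvariant() } |
        Where-Object Count -gt 1 |
        ForEach-Object {
            [pscustomobject]@{
                CommonName = $_.Name
                Count      = $_.Count
                RequestIds = ($_.Group.$IdColumn | Sort-Object { [int]$_ }) -join ','
            }
        }
}

$rows = $sampleCsv | ConvertFrom-Csv
Get-DuplicateIssuedName -Row $rows | Format-Table -AutoSize
```

To run it against real data, replace `$sampleCsv` with the captured CSV text from the CA and adjust `-NameColumn` and `-IdColumn` if the headers differ.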
