Query for Advanced CA Configuration Options
It is very common to check the configuration of any certification authority using certutil –getreg command. The command will allow a CA administrator to view the configured settings at a glance.
But what if you need to configure advanced settings on your CA? How can you find a setting required for your compliance audit?
Well, this is simple! You can still use the common certutil –getreg command but now, add the verbose switch ( -v). The command’s output will be similar to the screenshot below
As you probably noticed, all supported symbol names are displayed. The ones indented and in parentheses are supported bits that could be set, but currently are not. Any symbol without parentheses is configured on your CA. The symbolic names may be of some help to identify each bit’s purpose. You can perform a quick research on TechNet or MSDN to further understand and deploy each bit.
Amer F. Kamal
Senior Premier Field Engineer
Comments
Anonymous
January 01, 2003
ThanksAnonymous
July 21, 2014
Great work. Thank you very much.Anonymous
March 07, 2015
Please guys i change my nokia c1-01 and i forgot it a long time,i please aid me 2 restore it.