Утилита Windows Kits 10

Windows Kits 10
x64-86, ver. 10.0.14393.795

Набор утилит для работы с сертификатами. В комплект входят:

Code:

cert2spc.exe
certmgr.exe
makecert.exe
pvk2pfx.exe
signtool.exe

Надеюсь кому-нибудь пригодится, ибо нашел эту вещь нужной в одно время, собрал и решил поделиться. Все это входит в состав Visual Studio 2017 Community.

Загрузить:

Информация по работе через командную строку с каждой программой:
cert2spc.exe

Code:

Usage: Cert2Spc {cert1.cer|crl1.crl ... certN.cer|crlN.crl} output.spc

certmgr.exe

Code:

Usage: CertMgr [options][-s [-r <location>][SourceStoreName]

                        [-s [-r <location>][DestinationStoreName]
Options:
-add               Add certificates/CRLs/CTLs to a storeFile or a system store
-del               Delete certificates/CRLs/CTLs from a storeFile or
                    a system store
-put               Put an encoded certificate/CRL/CTL from a storeFile or
                    a system store to a file.  The file will be saved in X.509
                    format. -7 can be used to save the file in PKCS #7 format
-s                 Indicate the store is a system store
-r    <location>   The system store location
                        <currentUser|localMachine> Default to 'currentUser'
-c                 Certificates in the store
-crl               Certificates revocation lists(CRLs) in the store
-ctl               Certificates trust lists(CTLs) in the store
-v                 Verbose display of the certificates/CRLs/CTLs
-all               All certificates/CRLs/CTLs in the store
-n    <name>       Common name of the certificate
-sha1 <thumbPrint> The sha1 hash of the certificate/CRLs/CTLs
-7                 Save the destination store in PKCS #7 format
-e    <encode>     Certificate/CRL/CTL encoding type.
                    Default to X509_ASN_ENCODING
-f    <flag>       CertStore open flags.  Meaningful only if -y is set
-y    <provider>   CertStore provider name

makecert.exe

Code:

Usage: MakeCert [ basic|extended options] [outputCertificateFile]
Basic Options
-sk  <keyName>      Subject's key container name; To be created if not present
-pe                 Mark generated private key as exportable
-ss  <store>        Subject's certificate store name that stores the output
                     certificate
-sr  <location>     Subject's certificate store location.
                        <CurrentUser|LocalMachine>.  Default to 'CurrentUser'
-#   <number>       Serial Number from 1 to 2^31-1.  Default to be unique
-$   <authority>    The signing authority of the certificate
                        <individual|commercial>
-n   <X509name>     Certificate subject X500 name (eg: CN=Fred Dews)
-?                  Return a list of basic options
-!                  Return a list of extended options
Extended Options
-tbs <file>         Certificate or CRL file to be signed
-sc  <file>         Subject's certificate file
-sv  <pvkFile>      Subject's PVK file; To be created if not present
-ic  <file>         Issuer's certificate file
-ik  <keyName>      Issuer's key container name
-iv  <pvkFile>      Issuer's PVK file
-is  <store>        Issuer's certificate store name.
-ir  <location>     Issuer's certificate store location
                        <CurrentUser|LocalMachine>.  Default to 'CurrentUser'
-in  <name>         Issuer's certificate common name.(eg: Fred Dews)
-a   <algorithm>    The signature's digest algorithm.
                        <md5|sha1|sha256|sha384|sha512>.  Default to 'sha1'
-ip  <provider>     Issuer's CryptoAPI provider's name
-iy  <type>         Issuer's CryptoAPI provider's type
-sp  <provider>     Subject's CryptoAPI provider's name
-sy  <type>         Subject's CryptoAPI provider's type
-iky <keytype>      Issuer key type
                        <signature|exchange|<integer>>.
-sky <keytype>      Subject key type
                        <signature|exchange|<integer>>.
-l   <link>         Link to the policy information (such as a URL)
-cy  <certType>     Certificate types
                        <end|authority>
-b   <mm/dd/yyyy>   Start of the validity period; default to now.
-m   <number>       The number of months for the cert validity period
-e   <mm/dd/yyyy>   End of validity period; defaults to 2039
-h   <number>       Max height of the tree below this cert
-len <number>       Generated Key Length (Bits)
                        Default to '2048' for 'RSA' and '512' for 'DSS'
-r                  Create a self signed certificate
-nscp               Include Netscape client auth extension
-crl                Generate a CRL instead of a certificate
-eku <oid[<,oid>]>  Comma separated enhanced key usage OIDs
-?                  Return a list of basic options
-!                  Return a list of extended options

pvk2pfx.exe

Code:

Usage:

    pvk2pfx -pvk <pvk-file> [-pi <pvk-pswd>] -spc <spc-file>
           [-pfx <pfx-file> [-po <pfx-pswd>] [-f]]

        -pvk <pvk-file>  - input PVK file name.
        -spc <spc-file>  - input SPC file name.
        -pfx <pfx-file>  - output PFX file name.
        -pi <pvk-pswd>   - PVK password.
        -po <pfx-pswd>   - PFX password; same as -pi if not given.
        -f               - force overwrite existing PFX file.

        if -pfx option is not given, an export wizard will pop up. in
        this case, options -po and -f are ignored.

signtool.exe

Code:

Usage: signtool <command> [options]

  Valid commands:
    sign       --  Sign files using an embedded signature.
    timestamp  --  Timestamp previously-signed files.
    verify     --  Verify embedded or catalog signatures.
    catdb      --  Modify a catalog database.
    remove     --  Remove embedded signature(s) or reduce the size of an
                   embedded signed file.

For help on a specific command, enter "signtool <command> /?"

Usage: CertMgr [options][-s [-r <location>][SourceStoreName]
                        [-s [-r <location>][DestinationStoreName]
Options:
-add               Add certificates/CRLs/CTLs to a storeFile or a system store
-del               Delete certificates/CRLs/CTLs from a storeFile or
                    a system store
-put               Put an encoded certificate/CRL/CTL from a storeFile or
                    a system store to a file.  The file will be saved in X.509
                    format. -7 can be used to save the file in PKCS #7 format
-s                 Indicate the store is a system store
-r    <location>   The system store location
                        <currentUser|localMachine> Default to 'currentUser'
-c                 Certificates in the store
-crl               Certificates revocation lists(CRLs) in the store
-ctl               Certificates trust lists(CTLs) in the store
-v                 Verbose display of the certificates/CRLs/CTLs
-all               All certificates/CRLs/CTLs in the store
-n    <name>       Common name of the certificate
-sha1 <thumbPrint> The sha1 hash of the certificate/CRLs/CTLs
-7                 Save the destination store in PKCS #7 format
-e    <encode>     Certificate/CRL/CTL encoding type.
                    Default to X509_ASN_ENCODING
-f    <flag>       CertStore open flags.  Meaningful only if -y is set
-y    <provider>   CertStore provider name

 

лол поясняй за всю эту дич... нихрена не понял.

 

Кому он очень нужен, и не может найти, кроме как загружать и устанавливать полный пакет Visual Studio, те знают что это.

Мне он был очень необходим но в интернете не нашел, пришлось загружать полный пакет VS около 8 гб или более ради этих 4мб.

 

аа визуалка.. тоже с 8 гектарами мучался

 

То чувство, когда у тебя терабайтные диски и пофиг на размер визуалки.

 

Да дело не в размере а во времени её установки и загрузки с серверов мелкософта