A newer version of this documentation is available.

View Latest

capi

Name

netid.exe -capi – manage certificate registration to CryptoAPI MY store

Synopsis

netid.exe  -capi [decrypt -file <full path>] [dump] [dump validate]
    [encrypt -file <full path> -thumbprint <thumbprint> -algorithm <algorithm OID>]
    [move] [move -mode-store XXX -read-certificate YYY]
    [remove] [remove -mode-store XXX -read-certificate YYY]
    [sign -file <full path> -thumbprint <thumbprint>]
    [sign -file <full path> -thumbprint <thumbprint> -sha256]

Description

Microsoft CryptoAPI is fundamental for the Windows platform, and there are some utility commands available to control/view the registration of certificates to CryptoAPI MY store.

Options

decrypt

decrypt -file <full path>

 

dump

dump

Write all certificates in CryptoAPI MY store to trace, with register information.

dump validate

Write all certificates in CryptoAPI MY store to trace, with register information, and validate that the content is correct.

encrypt

encrypt -file <full path> -thumbprint <thumbprint> -algorithm <algorithm OID>

 

move

move

Register all certificates to CryptoAPI MY store. Will use current configuration to register.

move -mode-store XXX -read-certificate YYY

Register all certificates to CryptoAPI MY store using specified configuration.

remove

remove

Unregister all certificates to CryptoAPI MY store. Will use current configuration to register. Only certificates that have been registered will be removed.

remove -mode-store XXX -read-certificate YYY

Unregister all certificates to CryptoAPI MY store using specified configuration. Only certificates that have been registered will be removed.

sign

sign -file <full path> -thumbprint <thumbprint>

Sign the content of a file using CryptoAPI high-level functions. This is used to test that the basic functionality is working as expected.

sign -file <full path> -thumbprint <thumbprint> -sha256

Sign the content of a file using CryptoAPI high-level functions, but require sha-256 algorithm is used instead of default. This is used to test that the basic functionality is working as expected.