salt.modules.win_certutil

This module allows you to install certificates into the windows certificate manager.

salt '*' certutil.add_store salt://cert.cer 'TrustedPublisher'
salt.modules.win_certutil.add_store(source, store, retcode=False, saltenv='base')

Add the cert to the given Certificate Store

Parameters:

  • source (str) -- The source certificate file. This is either the path to a local file or a file from the file server in the form of salt://path/to/file

  • store (str) -- The certificate store to add the certificate to

  • retcode (bool, optional) -- If True, return the retcode instead of stdout. Default is False.

  • saltenv (str, optional) -- The salt environment to use. This is ignored if the path is local. Default is base.

CLI Example:

salt '*' certutil.add_store salt://cert.cer TrustedPublisher
salt '*' certutil.add_store C:\path\to\local.cer TrustedPublisher
salt.modules.win_certutil.del_store(source, store, retcode=False, saltenv='base')

Delete the cert from the given Certificate Store

Parameters:

  • source (str) -- The source certificate file. This is either the path to a local file or a file from the file server in the form of salt://path/to/file

  • store (str) -- The certificate store to delete the certificate from

  • retcode (bool, optional) -- If True, return the retcode instead of stdout. Default is False

  • saltenv (str, optional) -- The salt environment to use. This is ignored if the path is local. Default is base.

CLI Example:

salt '*' certutil.del_store salt://cert.cer TrustedPublisher
salt '*' certutil.del_store 'C:\path\to\local.cer' TrustedPublisher
salt.modules.win_certutil.get_cert_serial(cert_file, saltenv='base')

Get the serial number of a certificate file

Parameters:

  • cert_file (str) -- The certificate file to find the serial for. Can be a local file or a file on the file server (salt://)

  • saltenv (str, optional) -- The environment on the fileserver to use for the certificate. Default is base.

Returns:

The serial number of the certificate if found, otherwise None.

Return type:

str

CLI Example:

salt '*' certutil.get_cert_serial <certificate name>
salt.modules.win_certutil.get_stored_cert_serials(store)

Get all of the certificate serials in the specified store

store (str):

The store to get all the certificate serials from

Returns:

A list of serial numbers found, or an empty list if none found

Return type:

list

CLI Example:

salt '*' certutil.get_stored_cert_serials <store>

Generated on August 28, 2025 at 22:35:34 UTC.

You are viewing docs for the previous stable release, 3006.15. Switch to docs for the latest stable release, 3007.7, or to a recent doc build from the master branch.


saltproject.io

© 2025 VMware, Inc. | Privacy Policy