salt.modules.win_certutil

This module allows you to install certificates into the windows certificate manager.

salt '*' certutil.add_store salt://cert.cer "TrustedPublisher"
salt.modules.win_certutil.add_store(source, store, retcode=False, saltenv='base')

Add the cert to the given Certificate Store

source (str):

The source certificate file. This is either the path to a local file or a file from the file server in the form of salt://path/to/file

store (str):

The certificate store to add the certificate to

retcode (bool):

If True, return the retcode instead of stdout. Default is False

saltenv (str):

The salt environment to use. This is ignored if the path is local

CLI Example:

salt '*' certutil.add_store salt://cert.cer TrustedPublisher
salt '*' certutil.add_store C:\path\to\local.cer TrustedPublisher
salt.modules.win_certutil.del_store(source, store, retcode=False, saltenv='base')

Delete the cert from the given Certificate Store

source (str):

The source certificate file. This is either the path to a local file or a file from the file server in the form of salt://path/to/file

store (str):

The certificate store to delete the certificate from

retcode (bool):

If True, return the retcode instead of stdout. Default is False

saltenv (str):

The salt environment to use. This is ignored if the path is local

CLI Example:

salt '*' certutil.del_store salt://cert.cer TrustedPublisher
salt '*' certutil.del_store C:\path\to\local.cer TrustedPublisher
salt.modules.win_certutil.get_cert_serial(cert_file, saltenv='base')

Get the serial number of a certificate file

cert_file (str):

The certificate file to find the serial for. Can be a local file or a a file on the file server (salt://)

Returns:

The serial number of the certificate if found, otherwise None

Return type:

str

CLI Example:

salt '*' certutil.get_cert_serial <certificate name>
salt.modules.win_certutil.get_stored_cert_serials(store)

Get all of the certificate serials in the specified store

store (str):

The store to get all the certificate serials from

Returns:

A list of serial numbers found, or an empty list if none found

Return type:

list

CLI Example:

salt '*' certutil.get_stored_cert_serials <store>