certutil.exe CertUtil.exe 471ea5c694a2644bf877bc51e448c8be

File info

File name: certutil.exe.mui
Size: 92160 byte
MD5: 471ea5c694a2644bf877bc51e448c8be
SHA1: f182a21dafe0a06e85e65e8db2d0b0731269d338
SHA256: 6f6e671e4cb9fda297d3a5e6308cbaf2424c2b2a26dc5ce389adf1c52b5ee940
Operating systems: Windows 10
Extension: MUI
In x64: certutil.exe CertUtil.exe (32 位)

Translations messages and strings

If an error occurred or the following message in Chinese (Simplified) language and you cannot find a solution, than check answer in English. Table below helps to know how correctly this phrase sounds in English.

id Chinese (Simplified) English
211PKCS #7 (*.p7b)|*.p7b|X.509 证书(*.cer;*.crt)|*.cer;*.crt|个人信息交换(*.p12, *.pfx)|*.pfx|所有文件(*.*)|*.*|| PKCS #7 (*.p7b)|*.p7b|X.509 Certificate (*.cer;*.crt)|*.cer;*.crt|Personal Information Exchange (*.p12, *.pfx)|*.pfx|All Files (*.*)|*.*||
212选择要完成 CA 安装的文件 Select file to complete CA installation
213未知的提供程序名 Unknown provider name
214找不到 %1 的证书以建立证书链。要立即安装此证书吗? Cannot find the certificate for %1 to build a certificate chain. Do you wish to install this certificate now?
215无法验证证书链。要忽略此错误并继续吗? Cannot verify certificate chain. Do you wish to ignore the error and continue?
216从 %1 检索挂起证书时出现
错误:
An error occurred retrieving the pending certificate
from %1:
217获取服务器 CA 名 Get Server CA Name
218选择 CA Select CA
230保存证书和密钥 Save certificate and Keys
231检索证书 Retrieve Certificate
232完成暂停的安装程序 Finish Suspended Setup
233此证书不是 CA 证书。 The certificate is not a CA certificate.
234安装完成 Setup complete
235检索挂起证书 Retrieve Pending Certificate
236密钥索引 Key Index
237加载旧的证书 Load Old Certificate
238克隆根证书 Clone Root Certificate
239构建申请 Build Request
240续订 CA -- 重新使用密钥 Renew CA -- reuse keys
241安装 CA 证书 Install CA Certificate
242续订 CA -- 新密钥 Renew CA -- new keys
243建立 CA 证书 Build CA Certificate
244保存链和密钥 Save Chain and Keys
245若要向脱机 CA 发送请求,请单击“取消”并将 %1 的请求文件发送给父 CA。 If you want to send the request to an offline CA, click Cancel and send the request file at %1 to your parent CA.
246创建 DS CDP 对象 Create DS CDP object
247创建 DS 注册服务对象 Create DS enrollment services object
248创建 DS 根信任 Create DS Root Trust
249在 DS 中发布 CA Publish CA in DS
250提交申请 Submit Request
251新建密钥容器“%1”时出错。请确保 CSP 安装正确或者另选一个 CSP。
An error occurred when creating the new key container "%1". Please make sure the CSP is installed correctly or select another CSP.
252证书颁发机构证书的长度错误: The Certification Authority certificate has a bad length:
253无法安装新的证书颁发机构证书,因为 CA 版本扩展不正确。应该使用最近生成的申请文件来获得新的证书: %1 The new Certification Authority certificate cannot be installed because the CA Version extension is incorrect. The most recently generated request file should be used to obtain the new certificate: %1
254根证书没有被信任。你想要信任此计算机上的根证书并完成安装吗? The root certificate is untrusted. Do you wish to trust the root certificate on this machine and complete the installation?
255无法将证书颁发机构证书添加到证书存储: Cannot add the Certification Authority certificate to the certificate store:
256无法用证书颁发机构证书创建证书上下文: Cannot create a certificate context using the Certification Authority certificate:
257未引用的 INF 节 Unreferenced INF sections
258设置安全 Set Security
259无法创建文件 %1: Cannot create file %1:
260无法删除现有私钥“%1”。请重新使用这个密钥,或者使用该 CA 的其他名称。
The existing private key "%1" cannot be deleted. Either reuse this key, or use a different name for the CA.
261无法编码密钥属性: Cannot encode key attributes:
262无法编码证书: Cannot encode certificate:
263未设置 %SystemRoot% 环境变量。 The %SystemRoot% environment variable is not set.
264这个密钥存储设备已满,无法添加新密钥 "%1"。请返回并选取一个现有密钥,或者使用不同的密钥存储设备。
This key storage device is full and the new key "%1" could not be added. Go back and pick an existing key, or use a different key storage device.
265为“Active Directory 证书服务”服务生成密钥 "%1" 时出现错误。CSP 配置不完整,或者密钥长度不受支持。请确保 CSP 安装正确,或者另选一个 CSP。
An error occurred when generating key "%1" for the Active Directory Certificate Services service. Either the CSP configuration is not complete or the key length is not supported. Please make sure the CSP is installed correctly or select another CSP.
266无法确定计算机名: Cannot determine the computer name:
267在私钥 "%1" 上设置安全访问时出现错误;或者所选的 CSP 不支持在私钥上设置安全访问。请确保 CSP 安装正确,或者另选一个 CSP。
An error occurred when setting the security access on the private key "%1", or the CSP selected does not support setting security access on private keys. Please make sure the CSP is installed correctly or select another CSP.
268无法解码证书颁发机构名称信息: Cannot decode Certification Authority name information:
269因为你不是域管理员,父 CA 拒绝了你的请求。(%1)
若要为你的 CA 获取证书,必须作为域管理员来请求证书。你可以用证书颁发机构管理单元安装证书。
The parent CA has denied your request because you are not a domain administrator. (%1)
To obtain the certificate for your CA, you must request the certificate as a domain administrator. You can install the certificate using the Certification Authority snap-in.
270新证书的使用者公用名与活动 CA 名称不匹配: The new certificate subject Common Name does not match the active CA name:
271生成密钥 Generate Keys
272配置 Active Directory 证书服务时检测到一个错误。
需要重新运行 Active Directory 证书服务安装向导来完成配置。
An error was detected while configuring Active Directory Certificate Services.
The Active Directory Certificate Services Setup Wizard will need to be rerun to complete the configuration.
273父 CA 拒绝了你的 CA 证书请求。请与父 CA 管理员联系。
(%1)
The parent CA has denied your request for a CA certificate. Please contact the parent CA administrator.
(%1)
274父 CA 处理这个 CA 证书申请时出现错误。请与父 CA 管理员联系。
(%1)
An error occurred when the parent CA processed this CA certificate request. Please contact the parent CA administrator.
(%1)
275这个 CA 证书申请没有完成。请与父 CA 管理员联系。
(%1)
This CA certificate request did not complete. Please contact the parent CA administrator.
(%1)
276这个 CA 证书将由管理部门颁发。请与父 CA 管理员联系。
(%1)
This CA certificate will be issued administratively. Please contact the parent CA administrator.
(%1)
277这个 CA 证书请求处于挂起状态。请与父 CA 管理员联系。
(%1)
This CA certificate request is in the pending state. Please contact the parent CA administrator.
(%1)
278这个 CA 证书已被父 CA 吊销。请与父 CA 管理员联系。
(%1)
This CA certificate was revoked by the parent CA. Please contact the parent CA administrator.
(%1)
279无法为证书上下文设置密钥提供程序信息: Cannot set the key provider information for the certificate context:
280无法向指定的 CA 提交证书请求。请确保 CA 信息正确且该 CA 处于联机状态。注意: 仅支持运行 Microsoft Active Directory 证书服务的 CA。
Cannot submit the certificate request to the specified CA. Please ensure that the CA information is correct and that the CA is online. Note: only CAs running the Microsoft Active Directory Certificate Services are supported.
281无法向指定的 CA 提交证书请求。(%1)
若要为 CA 获取证书,请用证书颁发机构管理单元安装证书。
Cannot submit the certificate request to the specified CA. (%1)
To obtain the certificate for your CA, you can install the certificate using the Certification Authority snap-in.
282新证书的使用者名称与活动的 CA 名称不完全匹配。
请用一个新的密钥续订,以允许使用者名称的细微更改:
The new certificate subject name does not exactly match the active CA name.
Renew with a new key to allow minor subject name changes:
283新证书的公钥与当前未完成的请求不匹配。
可能使用了错误请求来生成新证书:
The new certificate public key does not match the current outstanding request.
The wrong request may have been used to generate the new certificate:
284查找 %1 的证书 Find certificate for %1
285无法将证书颁发机构证书写入文件“%1”: Cannot write the Certification Authority certificate to file "%1":
286无法写入文件 %1: Cannot write to file %1:
287INF 文件错误 INF file error
288设置密钥安全 Set Key Security
289父 CA = Parent CA =
290申请 ID = Request ID =
291Microsoft Active Directory 证书服务 Microsoft Active Directory Certificate Services
292设置目录安全性 Set Directory Security
299在新建密钥容器“%1”时出错。你没有此密钥容器的写入权限。请使用其他 CA 名称。
An error occurred when creating the new key container "%1". You do not have write access permission to the key container. Please use a different CA name.
301转储配置信息或文件 Dump configuration information or file
302获取默认配置字符串 Get default configuration string
303通过 ICertGetConfig 获取默认配置字符串 Get default configuration string via ICertGetConfig
304CA 版本 CA Version
305解码十六进制编码的文件 Decode hexadecimal-encoded file
306解码 Base64 编码的文件 Decode Base64-encoded file
307将文件编码为 Base64 Encode file to Base64
308拒绝挂起的申请 Deny pending request
309重新提交挂起的申请 Resubmit pending request
310吊销证书 Revoke Certificate
311发布新的 CRL [或仅增量 CRL] Publish new CRLs [or delta CRLs only]
312获取 CRL Get CRL
313显示当前证书部署 Display current certificate disposition
314为挂起申请设置属性 Set attributes for pending request
315为挂起申请设置扩展 Set extension for pending request
316检索 CA 的证书 Retrieve the CA's certificate
317检索 CA 的证书链 Retrieve the CA's certificate chain
318UserKeyAndCertFile [CertId] UserKeyAndCertFile [CertId]
319为密钥存档导入用户密钥和证书到服务器数据库 Import user keys and certificates into server database for key archival
320转储原始数据库 Dump Raw Database
321验证公/私钥集 Verify public/private key set
322验证证书,CRL 或链 Verify certificate, CRL or chain
323检查 0x7f 长度编码的证书 Check certificate for 0x7f length encodings
324显示该用法消息 Display this usage message
325详细操作 Verbose operation
326使用 IDispatch,不使用 COM 本机方式 Use IDispatch instead of COM native methods
327反转日志和队列栏 Reverse Log and Queue columns
328选项: Options:
329无法识别的原因 Unrecognized Reason
330InFile OutFile InFile OutFile
331栏名 本地化名称 类型 最大长度 Column Name Localized Name Type MaxLength
332---------------------------- ---------------------------- ------ --------- ---------------------------- ---------------------------- ------ ---------
333RequestId RequestId
335SerialNumber [Reason] SerialNumber [Reason]
336[%3 | %1] [%2] [%3 | %1] [%2]
337OutFile [Index] [%1] OutFile [Index] [%1]
338SerialNumber | CertHash SerialNumber | CertHash
339RequestId AttributeString RequestId AttributeString
340RequestId ExtensionName Flags {Long | Date | String | @InFile} RequestId ExtensionName Flags {Long | Date | String | @InFile}
341OutCACertFile [Index] OutCACertFile [Index]
342OutCACertChainFile [Index] OutCACertChainFile [Index]
343[KeyContainerName CACertFile] [KeyContainerName CACertFile]
344CertFile [ApplicationPolicyList | - [IssuancePolicyList]] [Modifiers]
CertFile [CACertFile [CrossedCACertFile]]
CRLFile CACertFile [IssuedCertFile]
CRLFile CACertFile [DeltaCRLFile]
CertFile [ApplicationPolicyList | - [IssuancePolicyList]] [Modifiers]
CertFile [CACertFile [CrossedCACertFile]]
CRLFile CACertFile [IssuedCertFile]
CRLFile CACertFile [DeltaCRLFile]
345CertFile CertFile
346内存不足 Out of memory
347缺少 %ws 参数 Missing %ws arg
348未知参数: %ws Unknown arg: %ws
349多个动词参数: %ws Multiple verb args: %ws
350找不到参数 Missing argument
351参数太多 Too many arguments
352内部动词表错误 Internal verb table error
353异常的 "-%ws" 选项 Unexpected "-%ws" option
354用法: Usage:
355选项 Options
356动词: Verbs:
357ObjectId -- 要显示或添加显示名称的 ObjectId
GroupId -- 要枚举的 ObjectId 的十进制 GroupId 编号
AlgId -- 要查找的 ObjectId 的十六进制 AlgId
AlgorithmName -- 要查找的 ObjectId 的算法名称
DisplayName -- 要在 DS 中存储的显示名称
%1 -- 删除显示名称
LanguageId -- 语言 Id(默认为当前: %2)
Type -- 要创建的 DS 对象类型: 1 为模板(默认),
2 为颁发策略,3 为应用程序策略
用 %3 来创建 DS 对象。
ObjectId -- ObjectId to display or to add display name
GroupId -- decimal GroupId number for ObjectIds to enumerate
AlgId -- hexadecimal AlgId for ObjectId to look up
AlgorithmName -- Algorithm Name for ObjectId to look up
DisplayName -- Display Name to store in DS
%1 -- delete display name
LanguageId -- Language Id (defaults to current: %2)
Type -- DS object type to create: 1 for Template (default),
2 for Issuance Policy, 3 for Application Policy
Use %3 to create DS object.
358-- 已索引 -- Indexed
359输入长度 = %d Input Length = %d
360没有密钥颁发机构序列号 No Key Authority serial number
361输出长度 = %d Output Length = %d
362DecodeFile 返回了 %ws DecodeFile returned %ws
363EncodeToFile 返回了 %ws EncodeToFile returned %ws
364颁发者 Issuer
365使用者 Subject
366错误: CA 颁发者名与密钥颁发机构名称(%x)不匹配 ERROR: CA Issuer name does not match Key Authority name (%x)
367CA 颁发者名与密钥颁发机构名称匹配 CA Issuer name matches Key Authority name
368没有密钥颁发机构名称 No Key Authority name
369错误: 颁发者序列号与密钥颁发机构不匹配 ERROR: Issuer serial number does not match Key Authority
370颁发者序列号与密钥颁发机构匹配 Issuer serial number matches Key Authority
371颁发者名称 Issuer Name
372密钥颁发机构名称 KeyAuthority Name
373KeyId: KeyId:
374密钥颁发机构序列号: Key Authority SerialNumber:
375CA 序列号: CA Serial Number:
376进程: Process:
377[DomainDN | -] [DomainDN | -]
378LoadKeys 返回了 %ws LoadKeys returned %ws
379LoadCert 返回 %ws LoadCert returned %ws
380错误: 证书公钥与存储的密钥集不匹配 ERROR: Certificate public key does NOT match stored keyset
381容器公钥: Container Public Key:
382证书公钥: Certificate Public Key:
383密钥 "%ws" 验证为证书 "%ws" 的公钥 Key "%ws" verifies as the public key for Certificate "%ws"
384密钥 "%ws" 没有验证为证书 "%ws" 的公钥 Key "%ws" does NOT verify as the public key for Certificate "%ws"
385分支证书被吊销(原因=%x) Leaf certificate is REVOKED (Reason=%x)
386错误: 验证分支证书吊销状态返回了 %ws ERROR: Verifying leaf certificate revocation status returned %ws
387无法检查分支证书吊销状态 Cannot check leaf certificate revocation status
388通过了分支证书吊销检查 Leaf certificate revocation check passed
389LoadCert(Cert)返回了 %ws LoadCert(Cert) returned %ws
390LoadCert(CA)返回了 %ws LoadCert(CA) returned %ws
391证书 Cert
392Issuing CA Cert Issuing CA Cert
393证书序列号: Cert Serial Number:
394发证 CA 证书序列号: Issuing CA Cert Serial Number:
395发证 CA 不是根: 使用者名称与颁发者不匹配 Issuing CA is not a root: Subject name does not match Issuer
396错误: 发证 CA 使用者名称与证书颁发者不匹配 ERROR: Issuing CA Subject name does not match Cert Issuer
397发证 CA 使用者名称与证书颁发者匹配 Issuing CA Subject name matches Cert Issuer
398CertVerifySubjectCertificateContext 标志 = %x -- CertVerifySubjectCertificateContext Flags = %x --
399错误: 证书验证故障: %x ERROR: Certificate validation failure: %x
400错误: CA 没有颁发证书: 签名检查失败 ERROR: CA did not issue Certificate: Signature check failed
401错误: 证书已过期 ERROR: Certificate has expired
402证书没有过期 Certificate is current
403含有 CRL_DIST_POINTS 吊销检查扩展 Contains CRL_DIST_POINTS revocation-check extension
404含有 NETSCAPE_REVOCATION_URL 吊销检查扩展 Contains NETSCAPE_REVOCATION_URL revocation-check extension
405证书没有吊销检查扩展 Certificate has no revocation-check extension
406验证结果,%ws 是 %ws 颁发的 %ws verifies as issued by %ws
407%ws 未验证(由 %ws 颁发) %ws does NOT verify (issued by %ws)
408-- 跳过了吊销检查。 -- Revocation check skipped.
409-- 通过了吊销检查。 -- Revocation check passed.
410-- 吊销检查: 被吊销。 -- Revocation check: REVOKED.
411-- 吊销检查失败。 -- Revocation check FAILED.
412签名与公钥匹配 Signature matches Public Key
413CRL 项: CRL Entries:
414证书: Cert:
415??? ???
416可能长度位于 Suspect length in
417: field=%ws : field=%ws
418, oid=%ws , oid=%ws
419Extension %d: oid="%hs" fcrit=%u length=%x Extension %d: oid="%hs" fcrit=%u length=%x
420签名与公钥不相配: %x Signature does not match Public key: %x
421无法解码对象: %ws Cannot decode object: %ws
422算法 ObjectId Algorithm ObjectId
423算法参数: Algorithm Parameters:
424NULL NULL
425公钥: UnusedBits = %u Public Key: UnusedBits = %u
426ChallengeString: "%ws" ChallengeString: "%ws"
427配置字符串: "%ws" Config String: "%ws"
428ICertGetConfig 配置字符串: "%ws" ICertGetConfig Config String: "%ws"
429证书申请挂起: RequestId: %u Certificate request is pending: RequestId: %u
430颁发了证书。 Certificate issued.
431尚未颁发证书: 部署: %d -- %ws Certificate has not been issued: Disposition: %d -- %ws
432"%ws" 的证书部署无效 Certificate disposition for "%ws" is invalid
433"%ws" 的证书部署有效 Certificate disposition for "%ws" is valid
434"%ws" 的证书部署被吊销(%ws) Certificate disposition for "%ws" is revoked (%ws)
435日期 Date
436 Long
437字符串 String
438二进制 Binary
439架构: Schema:
440第 %u 行: Row %u:
441正在打开数据库 %ws Opening Database %ws
442清空 EMPTY
443错误=%ws error = %ws
444, ,
445任何格式 Any Format
446PKCS10 PKCS10
447KeyGen 标记 KeyGen Tag
448PKCS7 PKCS7
449未知 Unknown
450Force Teletex Force Teletex
451续订 Renewal
452Critical Critical
453已禁用 Disabled
454PolicyFlags=%x PolicyFlags=%x
455申请 Request
456策略 Policy
457系统管理员 Admin
458服务器 Server
460Origin=%ws Origin=%ws
461???=%x ???=%x
462通过 ICertConfig 获得配置 Get configuration via ICertConfig
463申请属性: Request Properties:
464证书属性: Certificate Properties:
465命令行 Command Line
466净化的名称: Sanitized Name:
467%ws: 标志 = %x%ws,长度 = %x %ws: Flags = %x%ws, Length = %x
468要求至少 %u 个参数,但收到了 %u 个 Expected at least %u args, received %u
469要求不多于 %u 个参数,但收到了 %u 个 Expected no more than %u args, received %u
470找不到活动证书颁发机构: %ws No active Certification Authorities found: %ws
471%ws: -%ws 失败: %ws %ws: -%ws command FAILED: %ws
473None None
474Other Other
475Issuer Issuer
476IssuerRDN IssuerRDN
477IssuerRDNAttribute IssuerRDNAttribute
478IssuerRDNString IssuerRDNString
479Subject Subject
480SubjectRDN SubjectRDN
481SubjectRDNAttribute SubjectRDNAttribute
482SubjectRDNString SubjectRDNString
483Extensions Extensions
484ExtensionArray ExtensionArray
485Extension Extension
486ExtensionValue ExtensionValue
487ExtensionValueRaw ExtensionValueRaw
488没有密钥提供程序信息 No key provider information
489转储证书视图 Dump Certificate View
490%ws 被添加到 DS 存储。 %ws added to DS store.
491Ping Active Directory 证书服务申请接口 Ping Active Directory Certificate Services Request interface
492Ping Active Directory 证书服务管理接口 Ping Active Directory Certificate Services Admin interface
493名称: Name:
494部门: Organizational Unit:
495单位: Organization:
496区域: Locality:
497省/自治区: State:
498国家/地区: Country/region:
499配置: Config:
500Exchange 证书: Exchange Certificate:
501签名证书: Signature Certificate:
502描述: Description:
503服务器: Server:
504颁发机构: Authority:
505 Entry
506证书扩展: Certificate Extensions:
508关闭 Active Directory 证书服务 Shutdown Active Directory Certificate Services
509命令状态 Command Status
510转储证书架构 Dump Certificate Schema
511命令成功 Command Succeeded
512密码 Password
513X509 证书: X509 Certificate:
514X509 证书吊销列表: X509 Certificate Revocation List:
515PKCS10 证书申请: PKCS10 Certificate Request:
516KeyGen 证书申请: KeyGen Certificate Request:
517版本: %u Version: %u
518序列号: Serial Number:
519签名算法: Signature Algorithm:
520公钥算法: Public Key Algorithm:
521颁发者唯一 Id: Issuer Unique Id:
522使用者唯一 Id: Subject Unique Id:
523NotBefore: NotBefore:
524NotAfter: NotAfter:
525这次更新: ThisUpdate:
526下一次更新: NextUpdate:
527吊销日期: Revocation Date:
528扩展: Extensions:
529CRL 扩展: CRL Extensions:
530PKCS7 消息: PKCS7 Message:
531可能的根证书: 使用者与颁发者匹配,但签名检查失败: %x Possible Root Certificate: Subject matches Issuer, but Signature check fails: %x
532非根证书 Non-root Certificate
533根证书: 使用者与颁发者匹配 Root Certificate: Subject matches Issuer
534非根证书使用的公钥与颁发者的相同 Non-root Certificate uses same Public Key as Issuer
535正在吊销 "%ws" Revoking "%ws"
536输入 PFX 密码: Enter PFX password:
537没有内置的格式支持 No built-in formatting support
538私钥: Private Key:
539时长 Length
540将时间显示为 GMT Display times as GMT
541GMT GMT
542BackupDirectory BackupDirectory
543备份 Active Directory 证书服务证书和私钥 Backup Active Directory Certificate Services certificate and private key
544BackupDirectory | PFXFile BackupDirectory | PFXFile
545还原 Active Directory 证书服务证书和私钥 Restore Active Directory Certificate Services certificate and private key
546[CertificateStoreName [CertId [OutputFile]]] [CertificateStoreName [CertId [OutputFile]]]
547转储证书存储 Dump certificate store
548提供程序类型 = %x ProviderType = %x
549密钥容器 = %ws Key Container = %ws
550提供程序 = %ws Provider = %ws
551KeySpec = %x KeySpec = %x
552标志 Flags
553还原了 %ws\%ws 的密钥和证书,来源为 %ws。 Restored keys and certificates for %ws\%ws from %ws.
554将 %ws\%ws 的密钥和证书备份到了 %ws。 Backed up keys and certificates for %ws\%ws to %ws.
555[CACertFile] [CACertFile]
556安装证书颁发机构证书 Install Certification Authority certificate
557PKCS7 消息内容: PKCS7 Message Content:
558通过身份验证的属性 Authenticated Attributes
559签名证书索引 Signing Certificate Index
560================ 开始嵌套等级 %d ================ ================ Begin Nesting Level %d ================
561---------------- 结束嵌套等级 %d ---------------- ---------------- End Nesting Level %d ----------------
562%ws: 语言 %08x (%u.%u) %ws: Lang %08x (%u.%u)
563文件 %u.%u:%u.%u File %u.%u:%u.%u
564产品 %u.%u:%u.%u
Product %u.%u:%u.%u
565没有签名者 No Signer
566没有 PKCS7 消息内容 No PKCS7 Message Content
567没有证书 No Certificates
568没有 CRL No CRLs
570CRL: CRLs:
571续订证书: Renewal Certificate:
572加密的哈希: Encrypted Hash:
573%d 属性: %d attributes:
574属性 Attribute
575值[%d][%d],长度 = %x Value[%d][%d], Length = %x
576BackupDirectory [%1] [%2] BackupDirectory [%1] [%2]
577备份 Active Directory 证书服务数据库 Backup Active Directory Certificate Services database
579还原 Active Directory 证书服务数据库 Restore Active Directory Certificate Services database
580原因: 未指定 Reason: Unspecified
581原因: 密钥泄漏 Reason: Key Compromise
582原因: CA 泄漏 Reason: CA Compromise
583原因: 附属已更改 Reason: Affiliation Changed
584原因: 被取代 Reason: Superseded
585原因: 停止操作 Reason: Cessation of Operation
586原因: 证书挂起 Reason: Certificate Hold
587原因: 从 CRL 删除 Reason: Remove From CRL
588列出安装在这台计算机上的 CSP List CSPs installed on this machine
589检测安装在这台计算机上的 CSP Test CSPs installed on this machine
590[Algorithm] [Algorithm]
591用无声标志获得 crypt 上下文 Use silent flag to acquire crypt context
592%1 -- 请求队列
%2 -- 已颁发或吊销的证书,以及失败的请求
%3 -- 失败的请求
%4 -- 已吊销的证书
%5 -- 扩展表
%6 -- 属性表
%7 -- CRL 表
%8 -- 以逗号分隔值输出

显示所有项目的 StatusCode 栏:
-out StatusCode
显示最后项目的所有栏:
-restrict "RequestId==$"
显示三个请求的 RequestId 和部署:
-restrict "RequestId=37,RequestId
%1 -- Request queue
%2 -- Issued or revoked certificates, plus failed requests
%3 -- Failed requests
%4 -- Revoked certificates
%5 -- Extension table
%6 -- Attribute table
%7 -- CRL table
%8 -- Output as Comma Separated Values

To display the StatusCode column for all entries:
-out StatusCode
To display all columns for the last entry:
-restrict "RequestId==$"
To display RequestId and Disposition for three requests:
-restrict "RequestId=37,RequestId
593[ObjectId | %1 | %2 [CommonName]] [ObjectId | %1 | %2 [CommonName]]
594运行中 Active
595挂起 Pending
596已颁发 Issued
597已吊销 Revoked
598错误 Error
599已拒绝 Denied
600续订证书 Renewal Cert
601停止并启动 Active Directory 证书服务来完成从 %ws 的数据库还原。 Stop and Start Active Directory Certificate Services to complete database restore from %ws.
602服务器 ICertAdmin%ws 接口还在运行 Server ICertAdmin%ws interface is alive
603无法打开 Active Directory 证书服务数据库: %ws。 Cannot open Active Directory Certificate Services database: %ws.
604必须为直接数据库访问停止证书颁发机构服务。 The Certification Authority service must be stopped for direct database access.
605(本地) (Local)
606%ws: 没有本地证书颁发机构;使用 -config 选项 %ws: No local Certification Authority; use -config option
607原因: 解除吊销 Reason: Unrevoke
608造成这种现象的原因:
不能访问服务器
服务器上没有权限
服务器不在期望的状态下
This might be caused by:
Inaccessible server
No permissions on server
Server not in the expected state
609转储 PFX 结构 Dump PFX structure
610服务器 "%ws" ICertRequest%ws 接口还在运行 %ws Server "%ws" ICertRequest%ws interface is alive %ws
611正在连接到 %ws ... Connecting to %ws ...
612使用 HKEY_CURRENT_USER 项或证书存储 Use HKEY_CURRENT_USER keys or certificate store
613================ 证书 %d ================ ================ Certificate %d ================
614输入新密码: Enter new password:
615确认新密码: Confirm new password:
616密码不同 -- 请再试一次 Password differs -- please try again
617找不到储存的密钥集 Missing stored keyset
619备份 Active Directory 证书服务 Backup Active Directory Certificate Services
621还原 Active Directory 证书服务 Restore Active Directory Certificate Services
622CertificateStoreName InFile CertificateStoreName InFile
623将证书添加到存储 Add certificate to store
624CertificateStoreName CertId CertificateStoreName CertId
625从存储删除证书 Delete certificate from store
626CertificateStoreName [CertId] CertificateStoreName [CertId]
627验证存储中的证书 Verify certificate in store
628正在删除证书 %d: %ws Deleting Certificate %d: %ws
629根据 UNTRUSTED 根进行验证 Verifies against UNTRUSTED root
630不完整的证书链 Incomplete certificate chain
631证书有效 Certificate is valid
632不完整 Incomplete
636在区外颁发 Issued Out of Band
639"%ws" 的证书申请挂起 Certificate request for "%ws" is pending
640无法将非根证书添加到根存储 Cannot add a non-root certificate to the root store
641强制覆盖 Force overwrite
642证书或密钥存在。用 "%ws" 选项来覆盖。 Certificate or key exists. Use the "%ws" option to overwrite.
643%ws 的增量数据库备份。 Incremental database backup for %ws.
644%ws 的完整数据库备份。 Full database backup for %ws.
645将数据库备份到了 %ws。 Backed up database to %ws.
646保留了数据库日志。 Database logs were preserved.
647成功截断了数据库日志。 Database logs successfully truncated.
648正在还原 %ws 的数据库。 Restoring database for %ws.
649文件 File
650ObjectId [DisplayName | %1 [LanguageId [Type]]]
GroupId
AlgId | AlgorithmName [GroupId]
ObjectId [DisplayName | %1 [LanguageId [Type]]]
GroupId
AlgId | AlgorithmName [GroupId]
651显示 ObjectId 或设置显示名称 Display ObjectId or set display name
652未知 ObjectId Unknown ObjectId
653Certfile [%1] Certfile [%1]
654将证书文件导入数据库 Import a certificate file into the database
655导入了证书,分配了 RequestId %i。 Imported Certificate, Assigned RequestId %i.
656跳过了吊销检查 -- 服务器脱机 Revocation check skipped -- server offline
657跳过了吊销检查 -- 没有吊销信息可用 Revocation check skipped -- no revocation information available
658显示动态文件列表 Display dynamic file List
659[{%1|%2|%3|%4|%5|%6|%7|%8}\[%9\]][RegistryValueName] [{%1|%2|%3|%4|%5|%6|%7|%8}\[%9\]][RegistryValueName]
660显示注册表值 Display registry value
661[{%1|%2|%3|%4|%5|%6|%7|%8}\[%9\]]RegistryValueName 值 [{%1|%2|%3|%4|%5|%6|%7|%8}\[%9\]]RegistryValueName Value
662设置注册表值 Set registry value
663旧值: Old Value:
664新值: New Value:
665AltName: %u 项目: AltName: %u entries:
666AltName AltName
667显示数据库位置 Display database locations
668不是有效备份目标目录: %ws。 Not a valid backup target directory: %ws.
669不是有效备份目录: %ws。 Not a valid backup directory: %ws.
670备份内容验证失败: %ws。 Backup content verification failed: %ws.
671%ws 的增量数据库还原。 Incremental database restore for %ws.
672%ws 的完整数据库还原。 Full database restore for %ws.
673导入的证书 Imported Cert
674错误: 证书尚未生效 ERROR: Cert is not yet valid
676错误: 证书在发证 CA 证书生效之前就有效了 ERROR: Cert Valid before issuing CA Cert Valid
677错误: 证书在发证 CA 证书过期之前就过期了 ERROR: Cert Expires after issuing CA Cert Expires
678解码了额外的扩展队列编码层(Teletex 字符串) Decoded extra Extension Array encoding layer (Teletex string)
679ErrorCode ErrorCode
680显示错误代码消息文本 Display error code message text
681创建/删除 Web 虚拟根和文件共享 Create/delete web virtual roots and file shares
682Web 虚拟根 %ws Web Virtual Root %ws
683文件共享 %ws File Share %ws
684已创建 Created
685已删除 Deleted
686已存在 Already Exists
687找不到 Not Found
688创建错误 Create Error
689删除错误 Delete Error
690不受支持。由于未安装“IIS 6 元数据库兼容性”角色服务,无法创建虚拟目录。请安装“IIS 6 元数据库兼容性”角色服务并再次运行该命令。 Not Supported. The virtual directory cannot be created because the "IIS 6 Metabase Compatibility" role service is not installed. Install the "IIS 6 Metabase Compatibility" role service and run the command again.
691[%1] [%1]
692正在备份数据库文件 Backing up Database files
693正在备份日志文件 Backing up Log files
694正在截断日志 Truncating Logs
695正在还原数据库文件 Restoring Database files
696正在还原日志文件 Restoring Log files
697行索引最大值 Maximum Row Index
698CA Cert CA Cert
699CA 证书链 CA Cert Chain
700字符 Characters
701溢出: OVERFLOW:
702重复 "-%ws" 选项 Repeated "-%ws" option
703配置字符串必须包括颁发机构名称 Config string must include Authority name
704CertFile -- 要发布的证书文件
%1 -- 发布证书到 DS 企业存储
%2 -- 发布证书到 DS 信任根存储
%3 -- 发布 CA 证书到 DS CA 对象
%4 -- 发布交叉证书到 DS CA 对象
%5 -- 发布证书到 DS 密钥恢复代理对象
%6 -- 发布证书到用户 DS 对象
%7 -- 发布证书到计算机 DS 对象
CRLFile -- 要发布的 CRL 文件
DSCDPContainer -- DS CDP 容器 CN,通常是 CA 计算机名
DSCDPCN -- DS CDP 对象 CN,通常基于净化后的 CA 短名称和密钥索引
使用 %8 来创建 DS 对象。
CertFile -- certificate file to publish
%1 -- Publish cert to DS Enterprise store
%2 -- Publish cert to DS Trusted Root store
%3 -- Publish CA cert to DS CA object
%4 -- Publish cross cert to DS CA object
%5 -- Publish cert to DS Key Recovery Agent object
%6 -- Publish cert to User DS object
%7 -- Publish cert to Machine DS object
CRLFile -- CRL file to publish
DSCDPContainer -- DS CDP container CN, usually the CA machine name
DSCDPCN -- DS CDP object CN, usually based on the sanitized CA short name and key index
Use %8 to create DS object.
705请确保服务器安装正确,然后再重试。 Ensure the server is correctly installed and retry.
706正在连接到数据源 %hs(作为用户 %hs) Connecting to data source %hs as user %hs
707未能连接到数据源 0x%08x (%d) Failed to connect to data source 0x%08x (%d)
708转换了 %u 行 Converted %u rows
709跳过已存在于新的数据库中的 %u 行 Skipped %u rows that already exist in new Database
710跳过了不是这个证书颁发机构颁发的 %u 行 Skipped %u rows not issued by this Certification Authority
711正在转换行 %u Converting Row %u
712行 %u -- 正在跳过重复序列号: %ws Row %u -- Skipping duplicate Serial Number: %ws
713行 %u -- 正在跳过不是这个证书颁发机构颁发的项目: %ws Row %u -- Skipping entry not issued by this Certification Authority: %ws
714正在将源行 %u 转换成目标行 %u Converting source row %u to target row %u
715%u.%u 的开始名称表项目 Begin names table entries for %u.%u
716%u.%u 的结束名称表项目 End names table entries for %u.%u
717获取 SMTP 信息 Get SMTP info
718LogonName LogonName
719设置 SMTP 信息 Set SMTP info
720%u 行 %u Rows
721行属性 Row Properties
722申请属性 Request Attributes
723证书扩展 Certificate Extensions
724域总数 Total Fields
725%4u %ws,总大小 = %u,最大值 = %u,平均大小 = %u %4u %ws, Total Size = %u, Max Size = %u, Ave Size = %u
726私钥不能导出 Private key is NOT exportable
727企业根 CA Enterprise Root CA
728企业从属 CA Enterprise Subordinate CA
729独立根 CA Stand-alone Root CA
730独立附属 CA Stand-alone Subordinate CA
731未知 CA 类型: %u Unknown CA Type: %u
732[%1] [Machine\ParentCAName] [%1] [Machine\ParentCAName]
733续订证书颁发机构证书 Renew Certification Authority certificate
734证书哈希(%ws): Cert Hash(%ws):
735错误消息文本: %ws Error message text: %ws
736================ CRL %d ================ ================ CRL %d ================
737正在删除 CRL %d: %ws Deleting CRL %d: %ws
738CA Certs: %u CA Certs: %u
739密钥: Keys:
740值: Values:
741加载(CRL)返回了 %ws Load(CRL) returned %ws
742CRL CRL
743错误: CRL 尚未生效 ERROR: CRL is not yet valid
744错误: CRL 已过期 ERROR: CRL has expired
745错误: CRL 在发证 CA 证书生效之前就生效了 ERROR: CRL Valid before issuing CA Cert Valid
746错误: CRL 在发证 CA 证书过期后才过期 ERROR: CRL Expires after issuing CA Cert Expires
747错误: 发证 CA 使用者名称与 CRL 颁发者不匹配 ERROR: Issuing CA Subject name does not match CRL Issuer
748发证 CA 使用者名称与 CRL 颁发者匹配 Issuing CA Subject name matches CRL Issuer
749错误: CA 没有颁发 CRL: 签名检查失败 ERROR: CA did not issue CRL: Signature check failed
750CRL 签名有效 CRL signature is valid
751CA 密钥 ID 与密钥 ID 匹配 CA Key Id matches Key Id
752错误: CA 密钥 ID 与密钥 ID 不匹配 ERROR: CA Key Id does not match Key Id
753没有密钥 ID No Key Id
755不可用 Unavailable
756错误: 这个证书没有 CRL Error: No CRL for this Cert
758有效 Valid
759过期 Expired
760尚未提交 Under Submission
762[KeyContainerName | -] [KeyContainerName | -]
763列出密钥容器 List key containers
764KeyContainerName KeyContainerName
765删除已命名的密钥容器 Delete named key container
766证书被吊销 Certificate is REVOKED
767CA 证书验证状态 CA cert verify status
768标记: Flags:
769错误: 证书公钥与私钥不匹配 ERROR: Certificate public key does NOT match private key
770通过了签名测试 Signature test passed
771未能通过签名测试 Signature test FAILED
772显示 DS 证书 Display DS Certificates
773[FullDSDN] | [CertId [OutFile]] [FullDSDN] | [CertId [OutFile]]
774显示 DS CRL Display DS CRLs
775[FullDSDN] | [CRLIndex [OutFile]] [FullDSDN] | [CRLIndex [OutFile]]
776[CN] [CN]
777显示 DS DN Display DS DNs
778CN CN
779删除 DS DN Delete DS DNs
780正在删除 Deleting
781[InfoName [Index | ErrorCode]] [InfoName [Index | ErrorCode]]
782显示 CA 信息 Display CA Information
783InfoName 参数语法: InfoName argument syntax:
784错误代码 ErrorCode
785[Index] [Index]
786强制 UTF-8 Force UTF-8
787签名: UnusedBits=%u Signature: UnusedBits=%u
788短名称: Short Name:
789净化的短名称: Sanitized Short Name:
790SMIME 性能: SMIME Capabilities:
791申请文件: Request File:
792PKCS7 属性 PKCS7 Attribute
793没有签名 No Signature
794证书顺序: Certificate Sequence:
795找不到证书: Cannot find certificate:
796有效加密的密钥哈希 Valid Encrypted Key Hash
797[%1 | %2 | %3] [%1 | %2 | %3]
798[%1 | %2 | %3 | %4 | %5 | %6 | %7] [%8] [%1 | %2 | %3 | %4 | %5 | %6 | %7] [%8]
800显示 DS 增量 CRL Display DS Delta CRLs
801用秒和毫秒显示时间 Display times with seconds and milliseconds
802错误: CA 证书没有基本 Constraints2 扩展 ERROR: CA Cert has no Basic Constraints2 Extension
803错误: 不能解码 CA 证书基本 Constraints2 扩展 ERROR: Cannot decode CA Cert Basic Constraints2 Extension
804错误: CA 证书是一个最终实体证书 ERROR: CA Cert is an End Entity certificate
805证书是一个 CA 证书 Cert is a CA certificate
806证书是一个最终实体证书 Cert is an End Entity certificate
807元素 %u: Element %u:
808CMC CMC
809证书无效: %ws Certificate is NOT valid: %ws
810通过了加密测试 Encryption test passed
811未能通过加密测试 Encryption test FAILED
812使用 V1 界面 Use V1 interfaces
813文件版本 File version
814产品版本 Product version
815退出模块计数 Exit module count
816退出模块描述 Exit module description
817策略模块描述 Policy module description
818CA 名称 CA name
819整理过的 CA 名称 Sanitized CA name
820共享文件夹 Shared folder
821CA 类型 CA type
822父 CA Parent CA
823CA 证书计数 CA cert count
824CA 证书 CA cert
826CA 交换证书计数 CA exchange cert count
827CA 交换证书 CA exchange cert
828CA 交换证书链 CA exchange cert chain
829基 CRL Base CRL
830增量 CRL Delta CRL
833CA 信息 CA info
834显示 CA 属性类型信息 Display CA Property Type Information
835为 CA 属性使用 ICertAdmin2 Use ICertAdmin2 for CA Properties
836最大 CA PropId Maximum CA PropId
837从选定的 UI 选择一个证书 Select a certificate from a selection UI
838证书列表 Certificate List
839列出证书 List certificates
840为 ObjectId 列出证书 List certificates for ObjectId
841列出登记注册颁发机构证书 List Enrollment Registration Authority certificates
842列出密钥恢复代理证书 List Key Recovery Agent certificates
843密钥 Id 哈希(%ws): Key Id Hash(%ws):
844CMS 证书申请: CMS Certificate Request:
845CMS 响应: CMS Response:
846标记的属性: Tagged Attributes:
847标记的内容信息: Tagged Content Info:
848标记的申请: Tagged Requests:
849标记的其他消息: Tagged Other Messages:
850未知申请选择 UNKNOWN Request Choice
851Body Part Id: Body Part Id:
852不能加载密钥: %ws Cannot load key: %ws
853过期的证书 Expired certificate
854未通过身份验证的属性 Unauthenticated Attributes
855内容类型 Content Type
856数据引用 Data Reference
857证书引用 Cert Reference
858 Value
859未知标记的属性 UNKNOWN Tagged Attribute
860签名者计数 Signer Count
861签名者信息 Signer Info
862哈希算法: Hash Algorithm:
863加密的哈希算法: Encrypted Hash Algorithm:
864存储的哈希%ws: Stored Hash%ws:
865计算的哈希%ws: Computed Hash%ws:
866CMC 属性 CMC Attribute
867Exchange 授权信息访问 Exchange Authority Information Access
868Exchange 版本 Exchange Version
869InFile [HashAlgorithm] InFile [HashAlgorithm]
870通过文件生成并显示加密哈希 Generate and display cryptographic hash over a file
871%ws 哈希(文件 %ws): %ws hash of file %ws:
872CA 密钥交换证书 CA Key Exchange Certificate
873通过 Pass
874没有收件人 No Recipient
875收件人计数 Recipient Count
876收件人信息 Recipient Info
877DNS 名称 DNS Name
878SearchToken [RecoveryBlobOutFile]
SearchToken %1 OutputScriptFile
SearchToken %2 | %3 OutputFileBaseName
SearchToken [RecoveryBlobOutFile]
SearchToken %1 OutputScriptFile
SearchToken %2 | %3 OutputFileBaseName
879检索存档的私钥恢复 Blob,生成恢复脚本 或恢复存档的密钥 Retrieve archived private key recovery blob, generate a recovery script,
or recover archived keys
880RecoveryBlobInFile [PFXOutFile [RecipientIndex]] RecoveryBlobInFile [PFXOutFile [RecipientIndex]]
881恢复存档的私钥 Recover archived private key
882
[文件]

[File]
883解密的 PKCS7 消息内容 Decrypted PKCS7 Message Content
884不能解密消息内容。 Cannot decrypt message content.
885密钥恢复要求下列证书之一和它的私钥: Key recovery requires one of the following certificates and its private key:
886用户证书: User Certificate:
887算法类 Algorithm Class
888算法类型 Algorithm Type
889算法子 id Algorithm Sub-id
890CMC 状态信息 CMC Status Info
891Body Part Id 引用 Body Part Id Reference
892状态字符串 Status String
893其它信息选择 Other Info Choice
894失败信息 Fail Info
895挂起的令牌: Pend Token:
896挂起的时间 Pend Time
897CertFile [%1 | %2 | %3 | %4 | %5 | %6 | %7]
CRLFile [DSCDPContainer [DSCDPCN]]
CertFile [%1 | %2 | %3 | %4 | %5 | %6 | %7]
CRLFile [DSCDPContainer [DSCDPCN]]
898将证书或 CRL 发布到 Active Directory Publish certificate or CRL to Active Directory
899不能从文件(%ws)加载证书或 CRL Could not load Certificate or CRL from file (%ws)
900用户 User
901通过身份验证的会话 Authenticated Session
902智能卡登录 Smartcard Logon
903基本 EFS Basic EFS
905EFS 恢复代理 EFS Recovery Agent
906代码签名 Code Signing
907信任列表签名 Trust List Signing
908计算机 Computer
909域控制器 Domain Controller
910Web 服务器 Web Server
911KDC KDC
912根证书颁发机构 Root Certification Authority
913从属证书颁发机构 Subordinate Certification Authority
914注册代理 Enrollment Agent
915智能卡用户 Smartcard User
917仅用户签名 User Signature Only
919INF 文件中下面的键的值不正确。它应该是一个非零的数值。 The value for the following key is incorrect in the INF file. It should be a non-zero numeric value.
923IPSec IPSec
924CAPolicy.inf 中 RenewalValidityPeriodUnits 的值不正确。它应该是一个非零的数值。 The value for RenewalValidityPeriodUnits is incorrect in CAPolicy.inf. It should be a non-zero numeric value.
925IPSec (脱机申请) IPSec (Offline request)
926CAPolicy.inf 中 RenewalValidityPeriod 的值不正确。它应该是下列之一: 年,月,星期或天(英文)。 The value for RenewalValidityPeriod is incorrect in CAPolicy.inf. It should be one of the following: Years, Months, Weeks or Days (in English).
927路由器(脱机请求) Router (Offline request)
928req req
929打开申请文件 Open Request File
930请求文件(*.req; *.txt; *.cmc; *.der)|*.req;*.txt;*.cmc;*.der|证书文件(*.cer; *.crt; *.der)|*.cer;*.crt;*.der|所有文件(*.*)|*.*|| Request Files (*.req; *.txt; *.cmc; *.der)|*.req;*.txt;*.cmc;*.der|Certificate Files(*.cer; *.crt; *.der)|*.cer;*.crt;*.der|All Files (*.*)|*.*||
931请输入计算机名。 Please enter a computer name.
932请确保计算机上有一个正在运行的 CA。 Please make sure there is a running CA on the computer.
933在此计算机上没有匹配的 CA。这可能是由于计算机处于脱机状态。请与系统管理员联系,或者选择其他 CA。 There is no matched CA on the computer. This might be caused by the computer being offline. Please contact the system administrator or select a different CA.
934无法 ping 所选的 CA。请确定 CA 正在运行。 Cannot ping the selected CA. Please make sure the CA is running.
935交换注册代理(脱机请求) Exchange Enrollment Agent (Offline request)
936Exchange 用户 Exchange User
937仅 Exchange 签名 Exchange Signature Only
938没有已发布的证书颁发机构可用。请与系统管理员联系,或者根据名称选择一个证书颁发机构。 There are no published CAs available. Please contact the system administrator or select a CA by name.
939注册代理(计算机) Enrollment Agent (Computer)
940保存申请文件 Save Request File
941CEP 加密 CEP Encryption
942建立了策略 Built Policy
943策略元素 Policy Element
944策略语句扩展 Policy Statement Extension
945策略 inf 缺少节或键 Policy inf missing section or key
946打开了策略 inf Opened Policy inf
947无法打开策略 inf Cannot open Policy inf
948开始 Begin
949结束 End
950管理 CA Manage CA
951颁发和管理证书 Issue and Manage Certificates
952管理审核日志 Manage Audit Logs
953备份和还原 Backup and Restore
954读取 Read
955请求证书 Request Certificates
964关闭策略 inf Closed Policy inf
965消息框 Message Box
966在无人参与的应答文件中 RenewalValidityPeriod 的值不正确。它应该是下列之一: 年,月,星期或天(英文)。 The value for RenewalValidityPeriod is incorrect in unattended answer file. It should be one of the following: Years, Months, Weeks or Days (in English).
967密钥恢复代理 Key Recovery Agent
968CA 交换 CA Exchange
969970 交叉证书颁发机构 970 Cross Certification Authority
971域控制器身份验证 Domain Controller Authentication
972目录电子邮件复制 Directory Email Replication
974
你将此 Web 客户端配置为将请求转发到一个企业 CA。如果此 CA 使用企业默认策略模块,此计算机必须启用委派并使用 Kerberos 身份验证。若要启用委派,请参阅“允许计算机帐户被信任为委派”帮助主题。

You have configured this Web client to forward requests to an enterprise CA. If the CA is using the enterprise default policy module, this computer must have delegation enabled and use Kerberos authentication. To enable delegation, see 'Allow computer accounts to be trusted for delegation' help topic.
976无法配置 Web 客户端向选择的 CA 转发请求。 The Web client cannot be configured to forward requests to the selected CA.
977下列密钥的值在 INF 文件中是不正确的。它应该是一个布尔值(Yes/No/True/False/0/1)。 The value for the following key is incorrect in the INF file. It should be a boolean value (Yes/No/True/False/0/1).
978工作站身份验证 Workstation Authentication
979RAS 和 IAS 服务器 RAS and IAS Server
980低确定性 Low Assurance
981中确定性 Medium Assurance
982高确定性 High Assurance
983OCSP 响应签名 OCSP Response Signing
984Kerberos 身份验证 Kerberos Authentication
1002交叉验证的证书颁发机构 Cross-certified certification authority
1003证书颁发机构(CA) Certification authority (CA)
1007Active Directory KRA Active Directory KRA
1008Active Directory AIA Active Directory AIA
1009已登录的用户 Logged on user
1010本地系统 Local system
1011用户名/密码 username/password
1013Windows 集成 windows integrated
1014匿名 anonymous
1016凭据为专用凭据 credential is private
2000字节 Bytes
2001%ws 已经在 DS 存储中。 %ws already in DS store.
2003使用者密钥 Id (%ws): Subject Key Id (%ws):
2004预计算 precomputed
2005无法打开证书存储。 Cannot open Cert store.
2006无法打开现有的证书存储。请使用 %ws 选项强制创建证书存储。 Cannot open existing Cert store. Use %ws option to force Cert store creation.
2007CertificateStoreName CertIdList [PropertyInfFile | SDDLSecurityDescriptor] CertificateStoreName CertIdList [PropertyInfFile | SDDLSecurityDescriptor]
2008修复密钥关联,或者更新证书属性或密钥安全描述符 Repair key association or update certificate properties or key security descriptor
2009%d 位密钥 %d bit key
2010删除注册表值 Delete registry value
2011不能验证分开的签名 Cannot verify detached signature
2012[CertificateStoreName] CertId PFXFile [Modifiers] [CertificateStoreName] CertId PFXFile [Modifiers]
2013导出证书和私钥 Export certificate and private key
2014[CertificateStoreName] PFXFile [Modifiers] [CertificateStoreName] PFXFile [Modifiers]
2015导入证书和私钥 Import certificate and private key
2016[Template] [Template]
2017显示 DS 模板属性 Display DS Template Attributes
2018TemplateInfFile TemplateInfFile
2019添加 DS 属性 Add DS Templates
2020已创建 DS 模板 Created DS Template
2021已更新 DS 模板 Updated DS Template
2022%ws: -%ws 命令成功完成。 %ws: -%ws command completed successfully.
2023%ws 服务可能需要重新启动,以使更改生效。 The %ws service may need to be restarted for changes to take effect.
2025显示注册策略模板 Display Enrollment Policy templates
2026模板 Template
2027显示模板的 CA Display CAs for template
2029显示 CA 的模板 Display templates for CA
2030显示用户模板 Display user templates
2031显示计算机模板 Display machine templates
2032模板扩展: Template Extensions:
2033为输出文件 %ws 输入密码: Enter new password for output file %ws:
2034为 %ws 输入密码: Enter password for %ws:
2035编码不带 CR 字符的文本 Encode text without CR characters
2036InFile OutFile [type] InFile OutFile [type]
2037用十六进制编码文件 Encode file in hexadecimal
2038嵌入的 ASN.1 元素: Embedded ASN.1 Element:
2039分离嵌入的 ASN.1 元素,并保存到文件 Split embedded ASN.1 elements, and save to files
2040使用本地计算机 Enterprise 注册表证书存储 Use local machine Enterprise registry certificate store
2041找不到根证书。 No root certificates found.
2042无效日期 Invalidity Date
2043正在查询 %ws Querying %ws
2044角色分离 Role Separation
2045已验证的颁发策略 Verified Issuance Policies
2046已验证的应用程序策略 Verified Application Policies
2047[URL | %1 | %2 [%3]] [URL | %1 | %2 [%3]]
2048显示或删除 URL 缓存项目 Display or delete URL cache entries
2049KRA 证书计数 KRA cert count
2050KRA 证书使用计数 KRA cert used count
2051KRA 证书 KRA cert
2052无效的 ObjectId 或算法 Invalid ObjectId or Algorithm
2053PKCS7/CMS 消息: PKCS7/CMS Message:
2054没有显示名称 No display names
2055类型不匹配 Type mismatch
2056本地化的名称 Localized name
2057CSP 提供程序信息 CSP Provider Info
2058InFileList|SerialNumber|%1 OutFileList [StartDate[+|-%9]+|-%9] [+SerialNumberList | -SerialNumberList | -ObjectIdList | @ExtensionFile]
InFileList|SerialNumber|%1 OutFileList [#HashAlgorithm] [+%6 | -%6]
InFileList OutFileList [%10] [%11hex data]
InFileList|SerialNumber|%1 OutFileList [StartDate[+|-%9]+|-%9] [+SerialNumberList | -SerialNumberList | -ObjectIdList | @ExtensionFile]
InFileList|SerialNumber|%1 OutFileList [#HashAlgorithm] [+%6 | -%6]
InFileList OutFileList [%10] [%11hex data]
2059重新签名 CRL 或证书 Re-sign CRL or certificate
2060签名证书使用者 Signing certificate Subject
2061RowId | Date [%1 | %2 | %3 | %4 | %5] RowId | Date [%1 | %2 | %3 | %4 | %5]
2062删除服务器数据库行 Delete server database row
2063删除的行: %u Rows deleted: %u
2064在删除比 %ws 更旧的行时,必须指定下列行之一: One of the following tables must be specified when deleting rows older than %ws:
2065指定的数据在将来: %ws The date specified is in the future: %ws
2066CRL 哈希(%ws): CRL Hash(%ws):
2067包括 CRL Include CRLs
2068完全响应 Full Response
2069有 CRL 的 CA 证书链 CA cert chain with CRLs
2070有 CRL 的 CA 交换证书链 CA exchange cert chain with CRLs
2071以脉冲方式执行自动注册事件或 NGC 任务 Pulse autoenrollment event or NGC task
2072DomainName\MachineName$ DomainName\MachineName$
2073显示 Active Directory 计算机对象信息 Display Active Directory machine object information
2074计算机对象缺少 %ws 属性。 Machine object missing %ws attribute.
2075组成员身份: Group Memberships:
2076[Domain] [%1 | %2 | %3] [Domain] [%1 | %2 | %3]
2077显示域控制器信息 Display domain controller information
2078企业根存储: %ws Enterprise Root store: %ws
2079KDC 证书: %ws KDC certificates: %ws
2080DC 不可用: %ws DC UNAVAILABLE: %ws
2081*** 正在测试 DC[%u]: %ws *** Testing DC[%u]: %ws
2082** DC %ws 的企业根证书 ** Enterprise Root Certificates for DC %ws
2083** DC %ws 的 KDC 证书 ** KDC Certificates for DC %ws
2084未知属性 Unknown Property
2086公钥长度: %u bits Public Key Length: %u bits
2087Advanced Server Advanced Server
2088CRL 发布状态 CRL Publish Status
2089增量 CRL 发布状态 Delta CRL Publish Status
2091参数 = %x Parameter = %x
2092参数标识 = %x Parameter Flags = %x
2093已存档! Archived!
2095显示企业信息 Display enterprise information
2097DSS 密钥长度: %u 比特 DSS Key Length: %u bits
2098================ CTL %d ================ ================ CTL %d ================
2099客户端 ID: Client Id:
2100用户: User:
2101计算机: Machine:
2102证书信任列表: Certificate Trust List:
2103列出标识符: List Identifier:
2104序号: Sequence Number:
2105使用者算法: Subject Algorithm:
2106CTL 项: CTL Entries:
2107用法项目: Usage Entries:
2108使用者标识符%ws: Subject Identifier%ws:
2109查看证书存储 View Certificate Store
2110选择证书 Select Certificate
2111选则要删除的证书 Select Certificate to Delete
2112保存的证书 %ws Saved certificate %ws
2113删除的证书 %ws Deleted certificate %ws
2114注册-代表 Enroll-on-Behalf-of
2115[ReaderName [%1]] [ReaderName [%1]]
2116显示智能卡信息 Display smart card information
2117服务已暂停。 Service is paused.
2118服务已停止 Service is stopped.
2119服务处于未知状态。 Service is in an unknown state.
2120Microsoft 智能卡资源管理器正在运行。 The Microsoft Smart Card Resource Manager is running.
2121Microsoft 智能卡资源管理器没有运行。 The Microsoft Smart Card Resource Manager is not running.
2122找到 AT_SIGNATURE 项但是没有 AT_KEYEXCHANGE 项 Found AT_SIGNATURE key but no AT_KEYEXCHANGE key
2123无法连接到服务器: %ws Server could not be reached: %ws
2124选择解码证书 Select Decryption Certificate
2125外部证书 Foreign Cert
2127UPN: UPN:
2128使用者未被修改 Subject Unmodified
2129发布错误 Publish Error
2130NULL 签名验证 NULL signature verifies
2131源 URL 名称: Source Url Name:
2132本地文件名: Local File Name:
2133用户数: %d Use Count: %d
2134点击率: %d Hit Rate: %d
2135文件大小: %d File Size: %d
2136上一次更新时间: Last Modified Time:
2137到期时间: Expire Time:
2138上一次访问时间: Last Access Time:
2139上一次同步时间: Last Sync Time:
2140错误: 请检查计算机名。应当是 domain\computer$ Error: Check machine name. Should be domain\computer$
2141%ws 丢失了后缀 $,正确吗? %ws is missing trailing $, correct?
2142颁发者域策略 = Issuer Domain Policy =
2143使用者域策略 = Subject Domain Policy =
2144映射[%u]: Map[%u]:
2145非 DC 证书类型: %ws Cert Type not DC: %ws
2146证书用法缺少 %ws Cert Usage missing %ws
2147删除的 KDC 证书! Deleted KDC certificate!
2148CertDeleteCertificateFromStore 失败! - %x CertDeleteCertificateFromStore failed! - %x
2149%u 个 KDC 证书(用于 %ws) %u KDC certificates for %ws
2150我的存储中没有 KDC 证书 No KDC Certificate in MY store
2151企业根存储中没有证书! No certificates in Enterprise Root store!
2152远程我的存储上的 CertOpenStore 失败! - %x CertOpenStore on remote My store failed! - %x
2153获取存档的属性位时出错! - %x Error Getting Archived Prop bit! - %x
2154++ 存档的证书 ++ ++ Archived Certificate ++
2155我的存储中没有自动注册的证书!!! No Autoenrolled Certificates in MY store!!!
2156远程企业存储上的 CertOpenStore 失败! %x CertOpenStore on remote ent store failed! %x
2157没有自动注册对象!!! No Autoenrollment Objects!!!
2158拒绝访问! No Access!
2159检索并验证 AIA 证书和 CDP CRL Retrieve and verify AIA Certs and CDP CRLs
2160默认到申请和证书表
%1 -- 扩展表
%2 -- 属性表
%3 -- CRL 表
Defaults to Request and Certificate table
%1 -- Extension table
%2 -- Attribute table
%3 -- CRL table
2161CA 注册表有效期: %ws %ws CA Registry Validity Period: %ws %ws
2162支持的证书模板: Supported Certificate Templates:
2163不支持的证书模板:: No supported Certificate Templates::
2164提取 CA 名称属性失败! %x CA Name property fetching failed! %x
2165CA 名称: %ws CA Name: %ws
2166提取 DNS 名称属性失败! %x DNS Name property fetching failed! %x
2167计算机名称: %ws Machine Name: %ws
2168DS 位置: %ws DS Location: %ws
2169提取证书 DN 属性失败! %x Cert DN property fetching failed! %x
2170证书 DN: %ws Cert DN: %ws
2171提取 Sig Alg 属性失败! %x Sig Alg property fetching failed! %x
2172支持的签名 algs: %ws Supported signature algs: %ws
2173DS 上没有签名 algs! No signature algs on DS!
2174此 CA 没有证书类型 No Certificate types for this CA
2175没有返回证书类型,尽管已经存在一个! No certificate type returned, although one exists!
2176域中没有列出的 CA。配置可能存储在根域中。使用 -dc 选项使根域控制器指向该信息。 No CA's listed in the domain. The configuration might be stored in the root domain. Use the -dc option to target your root domain controller for the information.
2177无法访问 DFS 共享 Cannot access DFS share
2178DFS 数据可以使用 DFS Data is accessible
2179在 Ping 搜索中没有找到项目! No entries found in Ping Search!
2180策略 [non-fatal] 没有 DSPath No DSPath for Policy [non-fatal]
2181RegQueryValue (DSPATH) 失败! %x RegQueryValue (DSPATH) failed! %x
2182策略 [non-fatal] 没有 FileSysPath No FileSysPath for Policy [non-fatal]
2183完成。 Done.
2184ldap 搜索 (%ws) 找到 0 项! ldap search (%ws) found 0 items!
2185=========== 策略中的根证书 ================= =========== Root Certs in policy =================
2186证书 %u: Certificate %u:
2187该计算机上的策略中没有根证书 No Root Certificates in Policy on this machine
2188检查 UserEnv 错误的事件日志! Check event log for UserEnv errors!
2189==== 为计算机处理的策略 === ==== Policies Processed for MACHINE ===
2190==== 为用户处理的策略 === ==== Policies Processed for USER ===
2191可能没有应用策略。请查看 Userenv 错误的事件日志! Possibly No Policies applied. See Event Log for Userenv errors!
2192目标为一个特定的域控制器 Target a specific Domain Controller
2193DCName DCName
2194显示名称: Display Name:
2195计算机名: %ws Computer Name: %ws
2196用户名: %ws User Name: %ws
2197错误的选项 bad option
2198++++++++ 计算机: %ws ++++++++ ++++++++ MACHINE: %ws ++++++++
2199### 密钥: ### Key:
2200GPO 名称: %ws GPO Name: %ws
2201签名匹配要求公钥 Signature matches request Public Key
2202栏列表 ColumnList
2203以逗号分隔的栏列表 Comma separated Column List
2204限制列表 RestrictionList
2205以逗号分隔的限制列表 Comma separated Restriction List
2206Machine\CAName Machine\CAName
2207CA 和计算机名称字符串 CA and Machine name string
2208显示动词列表(命名列表) Display a verb list (command list)
2209显示 "%ws" 动词的帮助文本 Display help text for the "%ws" verb
2210显示所有动词的所有帮助文本 Display all help text for all verbs
2211导入的外部证书 Imported foreign certificate
2213证书已经导入 Certificate already imported
2214更新了存档的密钥 Archived key updated
2215存档的密钥 Archived key
2216密钥已经存档 Key already archived
2217忽略的签名证书 Ignored signing certificate
2220带密钥的证书 Certificates with keys
2224未导入的证书 Certificates not imported
2225密钥 Keys
2227密钥更新 Keys updated
2228密钥存档 Keys archived
2229密钥没有存档 Keys not archived
2230合并 PFX 文件 Merge PFX files
2231PFXInFileList PFXOutFile [Modifiers] PFXInFileList PFXOutFile [Modifiers]
2232联机 Online
2233脱机 OFFLINE
2234以前的 CA 证书哈希 Previous CA Cert Hash
2235消息摘要 Message Digest
2236存档的密钥证书哈希 Archived Key Cert Hash
2237颁发的证书哈希 Issued Cert Hash
2238加密的证书哈希 Encrypted Key Hash
2239CRL 数字 CRL Number
2240最小基 CRL 号 Minimum Base CRL Number
2241虚拟基本 CRL 数字 Virtual Base CRL Number
2242CRL 下一发布 CRL Next Publish
2243签名时间 Signing Time
2244增量 CRL CDP Delta CRL CDP
2245CRL 自 CDP CRL Self CDP
2246应用程序策略 Application Policies
2247应用程序策略映射 Application Policy Mappings
2248应用程序策略限制 Application Policy Constraints
2249策略映射 Policy Mappings
2250策略限制 Policy Constraints
2251副署 Counter Signature
2252%u 个计算机证书(%u 个已存档) %u Machine certificates (%u archived)
2253为 %ws for %ws
2254V1 自动注册对象: V1 Autoenrollment Objects:
2255正在跳过索引 %u 的 CSP Skipping CSP at index %u
2256提供程序名称: Provider Name:
2257提供程序类型: Provider Type:
2258私钥验证 Private key verifies
2259正在处理 KMS 导出,来自: Processing KMS exports from:
2261加密的密钥: Encrypted key:
2262解密的密钥: Decrypted key:
2263未能导入对称密钥 Failed to import symmetric key
2264锁箱已打开,对称密钥成功解密 Lock box opened, symmetric key successfully decrypted
2265移动 AT_SIGNATURE 项到 AT_KEYEXCHANGE Moved AT_SIGNATURE key to AT_KEYEXCHANGE
2266已验证的证书类别 Validated Cert Types
2267证书类型 Cert Type
2268==== %u CA (位于 %ws 域) ==== ==== %u CAs on %ws Domain ====
2269CACountCA 与 CAEnumNextCA 不一致 CACountCAs inconsistent with CAEnumNextCA
2270缓存的 LDAP DC Cached LDAP DC
2271当前读卡器/卡状态: Current reader/card status:
2272SCardEstablishContext 对用户作用域失败。 SCardEstablishContext failed for user scope.
2273不能确定智能卡读卡机列表。 A list of smart card readers cannot be determined.
2274SCardListReaders 对 SCARD_ALL_READERS 失败 SCardListReaders failed for SCARD_ALL_READERS
2275当前没有可用的智能卡读卡机。 No smart card readers are currently available.
2277读卡机: Readers:
2278--- 读卡器: --- Reader:
2279--- 状态: --- Status:
2280没有卡。 No card.
2281此卡不能被识别,或者没有响应。 The card is unrecognized or not responding.
2282卡当前被另一进程以独占方式使用。 Card is in use exclusively by another process.
2283此卡被另一进程共享。 The card is being shared by a process.
2284此卡可用。 The card is available for use.
2285卡/读卡器没有响应。 Card/Reader not responding.
2286--- 卡: --- Card:
2287未知卡。 Unknown Card.
2288正在执行 %ws 公钥匹配测试... Performing %ws public key matching test...
2289%ws 成功,但是返回的大小为零 %ws succeeded but returned zero size
2290来自 KeyProvInfo 容器的公钥: Public key from KeyProvInfo container:
2291来自证书的公钥: Public key from Cert:
2292公钥匹配测试成功 Public key matching test succeeded
2293智能卡上的链无效 Chain on smart card is invalid
2294证书链验证 Chain validates
2295读卡器没有 %ws 密钥: No %ws key for reader:
2296无法打开读卡器的 %ws 密钥: Cannot open the %ws key for reader:
2297没有为读卡器检索 %ws 证书: No %ws cert retrieved for reader:
2298正在执行证书链验证... Performing cert chain verification...
2299为读卡器显示 %ws 证书: Displayed %ws cert for reader:
2300正在分析读卡器中的卡: Analyzing card in reader:
2301不能检索 %ws 的提供程序名称 Cannot retrieve Provider Name for %ws
2302%1 -- 失败并被挂起的申请(提交日期)
%2 -- 过期并被吊销的证书(过期日期)
%3 -- 扩展表
%4 -- 属性表
%5 -- CRL 表(过期日期)

删除提交时间为 1/22/2001 的失败并被挂起的申请:
1/22/2001 %1
删除在 1/22/2001 过期的所有证书:
1/22/2001 %2
删除 RequestId 37 的证书行,属性和扩展:
37
删除在 1/22/2001 过期的 CRL:
1/22/2001 %5
%1 -- Failed and pending requests (submission date)
%2 -- Expired and revoked certificates (expiration date)
%3 -- Extension table
%4 -- Attribute table
%5 -- CRL table (expiration date)

To delete failed and pending requests submitted by January 22, 2001:
1/22/2001 %1
To delete all certificates that expired by January 22, 2001:
1/22/2001 %2
To delete the certificate row, attributes and extensions for RequestId 37:
37
To delete CRLs that expired by January 22, 2001:
1/22/2001 %5
2303全部 All
2304 None
2305选择证书或 CRL Select Certificate or CRL
2306证书文件|*.cer;*.crt|CRL 文件|*.crl|| Certificate Files|*.cer;*.crt|CRL Files|*.crl||
2307cer cer
2308将 PFX 文件转换为 EPF 文件 Convert PFX files to EPF file
2309PFXInFileList EPFOutFile [%1 | %2] [V3CACertId][,Salt] PFXInFileList EPFOutFile [%1 | %2] [V3CACertId][,Salt]
2310错误: 在 Active Directory 中找不到匹配的用户或计算机。 ERROR: Could not find a matching user or computer in Active Directory.
2311KMS CA 证书列表 KMS CA Certificate List
2312选择 KMS CA 证书 Select KMS CA certificate
2313RequestId -- 挂起申请的数字申请 Id
ExtensionName -- 扩展的 ObjectId 字符串
Flags -- 0 为推荐的。1 标识扩展是关键的,
2 禁用它,3 两者都执行。
如果最后一个参数为数字,它将作为 Long 被接受。
如果它可以被分析为日期,它将被作为日期接受。
如果它以 '@' 开头,则此标识的其余部分为包含二进制数据或 ASCII 文本十六进制转储的文件名。
其他情况都将作为 String 接受。
RequestId -- numeric Request Id of a pending request
ExtensionName -- ObjectId string of the extension
Flags -- 0 is recommended. 1 makes the extension critical,
2 disables it, 3 does both.
If the last parameter is numeric, it is taken as a Long.
If it can be parsed as a date, it is taken as a Date.
If it starts with '@', the rest of the token is the filename containing binary data or an ascii-text hex dump.
Anything else is taken as a String.
2314InFileList -- 要修改并重新签名的证书或 CRL 文件列
表(以逗号分隔)
SerialNumber -- 要创建的证书的序列号
有效期和其他选项必须不存在
%1 -- 创建空 CRL
有效期和其他选项必须不存在
OutFileList -- 已修改的证书或 CRL 输出文件列表
(以逗号分隔)。文件数目必须同 InFileList 匹配。
StartDate[+|-%9]+|-%9 -- 新的有效期: 可选日期加上
可选天数和小时数的开始日期偏移和可选
天数和小时数的有效期
如果使用多个字段,请使用(+)或(-)分隔符
使用“%7[+%9]”在当前时间启动
使用“%7-%9+%9”在当前时间的固定偏移和
固定的有效期开始
使用“%8”将无到期日期(仅用于 CRL)
SerialNumberList -- 要添加或删除的序列号列表(以逗号分隔)
ObjectIdList -- 要删除的扩展 ObjectId 列表(以逗号分隔)
@ExtensionFile -- 包含要更新或删除的扩展的 INF 文件:
%2
%3 删除 CRL 分发点扩展
%4 更新密钥使用扩展
%5
HashAlgorithm -- 前面标有 # 号的哈希算法名称
%6 -- 替换签名算法说明符


减号将删除序列号和扩展。
加号将添加序列号到 CRL。
从 CRL 中删除项目时,列表可能同时包含序列号
和 ObjectId。
%6 之前的减号将使用旧签名格式。
%6 之前的加号将使用替换签名格式。
如果未指定 %6,则使用证书或 CRL 中的签名格式。
InFileList -- comma separated list of Certificate or CRL files to modify
and re-sign
SerialNumber -- Serial number of certificate to create
Validity period and other options must not be present
%1 -- Create an empty CRL
Validity period and other options must not be present
OutFileList -- comma separated list of modified Certificate or CRL output
files. The number of files must match InFileList.
StartDate[+|-%9]+|-%9 -- new validity period: optional date plus
optional days and hours start date offset and optional
days and hours validity period
If multiple fields are used, use a (+) or (-) separator
Use "%7[+%9]" to start at the current time
Use "%7-%9+%9" to start at a fixed offset from the current
time and a fixed validity period
Use "%8" to have no expiration date (for CRLs only)
SerialNumberList -- comma separated serial number list to add or remove
ObjectIdList -- comma separated extension ObjectId list to remove
@ExtensionFile -- INF file containing extensions to update or remove:
%2
%3 Remove CRL Distribution Points extension
%4 Update Key Usage extension
%5
HashAlgorithm -- Name of the hash algorithm preceded by a # sign
%6 -- alternate Signature algorithm specifier


A minus sign causes serial numbers and extensions to be removed.
A plus sign causes serial numbers to be added to a CRL.
When removing items from a CRL, the list may contain both serial numbers
and ObjectIds.
A minus sign before %6 causes the legacy signature format to be used.
A plus sign before %6 causes the alternature signature format to be used.
If %6 is not specifed then the signature format in the certificate or CRL is used.
2315InfoName -- 表示要显示的 CA 属性(参见下面)
为所有属性使用 "*"
Index -- 从零开始的属性索引(可选)
ErrorCode -- 错误代码(数字)
InfoName -- indicates the CA property to display (see below)
Use "*" for all properties
Index -- optional zero-based property index
ErrorCode -- numeric error code
2316%1 --使用 CA 的注册表项
%2 --使用 CA 的还原注册表项
%3 --使用策略模块的注册表项
%4 --使用第一个退出模块的注册表项
%5 --使用模板注册表项(对用户模板使用 -user)
%6 --使用注册注册表项(对用户上下文使用 -user)
%7 --使用链配置注册表项
%8 --使用策略服务器注册表项
%9 --使用策略或退出模块的 ProgId (注册表子项名称)

RegistryValueName --注册表值名称(使用 "Name*" 进行前缀匹配)
Value --新的数字、字符串或日期注册表值或文件名。
如果一个数字值以 "+" 或 "-" 开头,则新值中指定的位将在
现有的注册表值中被设置或清除。

如果字符串值以 "+" 或 "-" 开头,并且现有值为
一个 REG_MULTI_SZ 值,则此字符串将添加到
现有的注册表值中,或从中删除。
若要强制创建一个 REG_MULTI_SZ 值,请在字符串值的末尾添加
一个 "
"。

如果值以 "@" 开头,则值的其余部分为
文件的名称,该文件包含
一个二进制值的十六进制文本表示形式。
如果它未引用一个有效文件,则会将其作为
[Date][+|-][%11] 进行分析 -- 可选日期加上或减去可选
天数和小时数。
如果同时指定两者,则使用加号(+)或减号(-)分隔符。
将 "%10+%11" 用于相对于当前时间的日期。
使用 "%13" 作为后缀以创建 REG_QWORD 值。

使用 "%7\%12 @%10" 有效地刷新缓存的 CRL。
%1 -- Use CA's registry key
%2 -- Use CA's restore registry key
%3 -- Use policy module's registry key
%4 -- Use first exit module's registry key
%5 -- Use template registry key (use -user for user templates)
%6 -- Use enrollment registry key (use -user for user context)
%7 -- Use chain configuration registry key
%8 -- Use Policy Servers registry key
%9 -- Use policy or exit module's ProgId (registry subkey name)

RegistryValueName -- registry value name (use "Name*" to prefix match)
Value -- new numeric, string or date registry value or filename.
If a numeric value starts with "+" or "-", the bits specified
in the new value are set or cleared in the existing registry value.

If a string value starts with "+" or "-", and the existing value
is a REG_MULTI_SZ value, the string is added to or removed from
the existing registry value.
To force creation of a REG_MULTI_SZ value, add a "
" to the end
of the string value.

If the value starts with "@", the rest of the value is the name
of the file containing the hexadecimal text representation
of a binary value.
If it does not refer to a valid file, it is instead parsed as
[Date][+|-][%11] -- an optional date plus or minus optional
days and hours.
If both are specified, use a plus sign (+) or minus sign (-) separator.
Use "%10+%11" for a date relative to the current time.
Use "%13" as a suffix to create a REG_QWORD value.

Use "%7\%12 @%10" to effectively flush cached CRLs.
2317%3 -- 新 CRL 的有效期(以天和小时计)
%1 -- 重新发布最新的 CRL
%2 -- 仅增量 CRL(默认为基和增量 CRL)
%3 -- new CRL validity period in days and hours
%1 -- republish most recent CRLs
%2 -- delta CRLs only (default is base and delta CRLs)
2318Index -- CRL 索引或密钥索引(对最新的密钥默认到 CRL)
%1 -- 增量 CRL(默认为基 CRL)
Index -- CRL index or key index (defaults to CRL for newest key)
%1 -- delta CRL (default is base CRL)
2319CertFile -- 要验证的证书
ApplicationPolicyList -- 逗号分隔的要求的应用程序策略 ObjectId 列表(可选)
IssuancePolicyList -- 逗号分隔的要求的发行策略 ObjectId 列表(可选)

CACertFile -- 要对照验证的发证 CA (可选)
CrossedCACertFile -- 由 CertFile 交叉验证的证书(可选)

CRLFile -- 要验证的 CRL
IssuedCertFile -- 由 CRLFile 包括的发行的证书(可选)
DeltaCRLFile -- 增量 CRL(可选)

如果指定了 ApplicationPolicyList,构建链被限制为对指定的应用程序策略
有效的链。
如果指定了 IssuancePolicyList,生成链被限制为对指定的发行策略有效的链。

如果指定了 CACertFile,在 CACertFile 中的域将对照 CertFile 或 CRLFile
验证。
如果没有指定 CACertFile,将使用 CertFile 来生成并验证完整链。
如果同时指定了 CACertFile 和 CrossedCACertFile,在 CACertFile 和
CrossedCACertFile 中的域将对照 CertFile 验证。

如果指定了 IssuedCertFile,在 IssuedCertFile 中的域将对照 CRLFile 验证。

如果指定了 DeltaCRLFile,在 DeltaCRLFile 中的域将对照 CRLFile 验证。
CertFile -- Certificate to verify
ApplicationPolicyList -- optional comma separated list of required
Application Policy ObjectIds
IssuancePolicyList -- optional comma separated list of required Issuance
Policy ObjectIds

CACertFile -- optional issuing CA certificate to verify against
CrossedCACertFile -- optional certificate cross-certified by CertFile

CRLFile -- CRL to verify
IssuedCertFile -- optional issued certificate covered by CRLFile
DeltaCRLFile -- optional delta CRL

If ApplicationPolicyList is specified, chain building is restricted to
chains valid for the specified Application Policies.
If IssuancePolicyList is specified, chain building is restricted to chains
valid for the specified Issuance Policies.

If CACertFile is specified, fields in CACertFile are verified against
CertFile or CRLFile.
If CACertFile is not specified, CertFile is used to build and verify a full
chain.
If CACertFile and CrossedCACertFile are both specified, fields in
CACertFile and CrossedCACertFile are verified against CertFile.

If IssuedCertFile is specified, fields in IssuedCertFile are verified
against CRLFile.
If DeltaCRLFile is specified, fields in DeltaCRLFile are verified against
CRLFile.
2320KeyContainerName -- 要验证的密钥容器名称
默认为计算机密钥。对用户密钥请使用 -user
CACertFile -- 签名或加密证书文件
如果没有指定参数,每一个签名 CA 证书将对照它的私钥进行
验证。
此操作只能对本地 CA 或本地密钥执行。
KeyContainerName -- key container name of the key to verify
Defaults to machine keys. Use -user for user keys
CACertFile -- signing or encryption certificate file
If no arguments are specified, each signing CA cert is verified against its
private key.
This operation can only be performed against a local CA or local keys.
2321CertificateStoreName -- 证书存储名称。示例:
“%1”、“%2”(默认)、“%3”,

“%10”(查看根证书)

“%11”(修改根证书)

“%12”(查看 CRL)

“%13”(企业 CA 证书)
%16 (AD 计算机对象证书)
%5 %16 (AD 用户对象证书)

CertId -- 证书或 CRL 匹配令牌。这可以是一个序列号,
一个 SHA-1 证书、CRL、CTL 或公钥哈希,
一个数字证书索引(0, 1, 等等),
一个数字 CRL 索引(.0, .1, 等等),
一个数字 CTL 索引(..0, ..1, 等等),
一个公钥,签名或扩展 ObjectId,
一个证书使用者公用名
一个电子邮件地址、UPN 或 DNS 名称,
一个密钥容器名称或 CSP 名称,
一个模板名称或 ObjectId,
一个 EKU 或应用程序策略 ObjectId,
或者一个 CRL 颁发者公用名。
上面这些可能会产生多重匹配。
OutputFile -- 保存匹配证书的文件
使用 %5 来访问用户存储而不是计算机存储。
使用 %4 访问计算机企业存储。
使用 %14 访问计算机服务存储。
使用 %15 访问计算机组策略存储。

示例:
%6
%7
%8
%9
CertificateStoreName -- Certificate store name. Examples:
"%1", "%2" (default), "%3",

"%10" (View Root Certificates)

"%11" (Modify Root Certificates)

"%12" (View CRLs)

"%13" (Enterprise CA Certificates)
%16 (AD machine object certificates)
%5 %16 (AD user object certificates)

CertId -- Certificate or CRL match token. This can be a serial number,
an SHA-1 certificate, CRL, CTL or public key hash,
a numeric cert index (0, 1, etc.),
a numeric CRL index (.0, .1, etc.),
a numeric CTL index (..0, ..1, etc.),
a public key, signature or extension ObjectId,
a certificate subject Common Name,
an e-mail address, UPN or DNS name,
a key container name or CSP name,
a template name or ObjectId,
an EKU or Application Policies ObjectId,
or a CRL issuer Common Name.
Many of the above may result in multiple matches.
OutputFile -- file to save matching cert
Use %5 to access a user store instead of a machine store.
Use %4 to access a machine enterprise store.
Use %14 to access a machine service store.
Use %15 to access a machine group policy store.

Examples:
%6
%7
%8
%9
2322CertificateStoreName -- 证书存储名称。参见 -store。
InFile -- 要添加到存储的证书或 CRL 文件。
CertificateStoreName -- Certificate store name. See -store.
InFile -- Certificate or CRL file to add to store.
2323CertificateStoreName -- 证书存储名称。参见 -store。
CertId -- 证书或 CRL 匹配令牌。参见 -store。
CertificateStoreName -- Certificate store name. See -store.
CertId -- Certificate or CRL match token. See -store.
2324BackupDirectory -- 存储备份数据的目录
%1 -- 仅执行增量备份(默认为完整备份)
%2 -- 保留数据库日志文件(默认为截断日志文件)
BackupDirectory -- directory to store backed up data
%1 -- perform incremental backup only (default is full backup)
%2 -- preserve database log files (default is to truncate log files)
2325BackupDirectory -- 存储备份数据库文件的目录
%1 -- 仅执行增量备份(默认为完整备份)
%2 -- 保留数据库日志文件(默认为截断日志文件)
BackupDirectory -- directory to store backed up database files
%1 -- perform incremental backup only (default is full backup)
%2 -- preserve database log files (default is to truncate log files)
2326BackupDirectory -- 存储备份 PFX 文件的目录 BackupDirectory -- directory to store backed up PFX file
2327BackupDirectory -- 包含要还原的数据的目录 BackupDirectory -- directory containing data to be restored
2328BackupDirectory -- 包含要还原的数据库文件的目录 BackupDirectory -- directory containing database files to be restored
2329BackupDirectory -- 包含要还原的 PFX 文件的目录
PFXFile -- 要还原的 PFX 文件
BackupDirectory -- directory containing PFX file to be restored
PFXFile -- PFX file to be restored
2330CertificateStoreName -- 证书存储名称。请参阅 -store。
CertId -- 证书或 CRL 匹配令牌。请参阅 -store。
PFXFile -- 导出的 PFX 数据输出文件
Modifiers -- 包含下列一项或多项的逗号分隔列表:
%5 -- 不导出证书链
%6 -- 不导出根证书
%9 -- 包含扩展属性
%10 -- 不加密证书
%11 -- 加密证书
%12 -- 导出参数
默认为个人计算机存储。
CertificateStoreName -- Certificate store name. See -store.
CertId -- Certificate or CRL match token. See -store.
PFXFile -- exported PFX data output file
Modifiers -- Comma separated list of one or more of the following:
%5 -- Do not export the certificate chain
%6 -- Do not export the root certificate
%9 -- Include extended properties
%10 -- Do not encrypt the certificates
%11 -- Encrypt the certificates
%12 -- Export Parameters
Defaults to personal machine store.
2331CertificateStoreName -- 证书存储名称。请参见 -store。
PFXFile -- 要导入的 PFX 文件
Modifiers -- 包含下面的一项或多项内容的列表(以逗号分隔):
%1 -- 将 KeySpec 更改为签名
%2 -- 将 KeySpec 更改为密钥交换
%3 -- 将私钥设置为无法导出
%4 -- 不导入证书
%5 -- 不导入证书链
%6 -- 不导入根证书
%7 -- 使用密码保护密钥
%8 -- 不使用密码保护密钥
默认为个人计算机存储。
CertificateStoreName -- Certificate store name. See -store.
PFXFile -- PFX file to be imported
Modifiers -- Comma separated list of one or more of the following:
%1 -- Change the KeySpec to Signature
%2 -- Change the KeySpec to Key Exchange
%3 -- Make the private key non-exportable
%4 -- Do not import the certificate
%5 -- Do not import the certificate chain
%6 -- Do not import the root certificate
%7 -- Protect keys with password
%8 -- Do not password protect keys
Defaults to personal machine store.
2332UserKeyAndCertFile -- 包含要存档的用户私钥和
证书的数据文件。这可以是任何以下内容:
交换密钥管理服务器(KMS)导出文件
PFX 文件
CertId -- KMS 导出文件解密证书匹配令牌。请参见 -store。
使用 %1 导入不是由 CA 颁发的证书。
UserKeyAndCertFile -- Data file containing user private keys and
certificates to be archived. This can be any of the following:
Exchange Key Management Server (KMS) export file
PFX file
CertId -- KMS export file decryption certificate match token. See -store.
Use %1 to import certificates not issued by the CA.
2333PFXInFileList -- 以逗号分隔的 PFX 输入文件列表
PFXOutFile -- PFX 输出文件
Modifiers -- 包含下列一项或多项的逗号分隔列表:
%9 -- 包含扩展属性
%10 -- 不加密证书
%11 -- 加密证书
在命令行中指定的密码是以逗号分隔的密码
列表。如果指定多个密码,则最后一个密码将
用于输出文件。如果仅提供一个密码或最后一个密码
为 "*",则系统将提示用户提供输出文件的密码。
PFXInFileList -- Comma separated PFX input file list
PFXOutFile -- PFX output file
Modifiers -- Comma separated list of one or more of the following:
%9 -- Include extended properties
%10 -- Do not encrypt the certificates
%11 -- Encrypt the certificates
The password specified on the command line is a comma separated password
list. If more than one password is specified, the last password is used
for the output file. If only one password is provided or if the last
password is "*", the user will be prompted for the output file password.
2334PFXInFileList -- 逗号分隔的 PFX 输入文件列表
EPF -- EPF 输出文件
%1 -- 使用 CAST 64 加密
%2 -- 使用 CAST 64 加密(导出)
V3CACertId -- V3 CA 证书匹配令牌。参阅 -store CertId 描述。
Salt -- EPF 输出文件加密盐字符串
在命令行指定的密码是逗号分隔的密码列表。如果指定了一个以上的密码,
将对输出文件使用最后一个密码。如果只提供了一个密码或最后一个密码
为 "*",将提示用户输出文件的密码。
PFXInFileList -- Comma separated PFX input file list
EPF -- EPF output file
%1 -- Use CAST 64 encryption
%2 -- Use CAST 64 encryption (export)
V3CACertId -- V3 CA Certificate match token. See -store CertId description.
Salt -- EPF output file salt string
The password specified on the command line is a comma separated password
list. If more than one password is specified, the last password is used
for the output file. If only one password is provided or if the last
password is "*", the user will be prompted for the output file password.
2335RequestId -- 挂起申请的数字申请 Id
AttributeString -- 申请属性名和值对
名称和值用冒号分隔。
多名称、值对在不同的行。
示例: "CertificateTemplate:User
EMail:[email protected]"
每个 "
" 序列被转换为新行分隔符。
RequestId -- numeric Request Id of pending request
AttributeString -- Request Attribute name and value pairs
Names and values are colon separated.
Multiple name, value pairs are newline separated.
Example: "CertificateTemplate:User
EMail:[email protected]"
Each "
" sequence is converted to a newline separator.
2336SerialNumber -- 要吊销的证书序列号列表(以逗号分隔)
Reason -- 吊销原因(数字或符号):
0: %1 -- 未指定(默认)
1: %2 -- 密钥泄漏
2: %3 -- CA 泄漏
3: %4 -- 从属更改
4: %5 -- 被取代
5: %6 -- 操作停止
6: %7 -- 证书挂起
8: %8 -- 从 CRL 中删除
9: %9 -- 特权撤消
10: %10 -- AA 泄露
-1: %11 -- 取消吊销
SerialNumber -- Comma separated list of certificate serial numbers to revoke
Reason -- numeric or symbolic revocation reason:
0: %1 -- Unspecified (default)
1: %2 -- Key Compromise
2: %3 -- CA Compromise
3: %4 -- Affiliation Changed
4: %5 -- Superseded
5: %6 -- Cessation of Operation
6: %7 -- Certificate Hold
8: %8 -- Remove From CRL
9: %9 -- Privilege Withdrawn
10: %10 -- AA Compromise
-1: %11 -- Unrevoke
2337使用 %1 导入证书以代替相同密钥的挂起的请求。
使用 %2 来导入非 CA 颁发的证书。
还可能需要配置 CA 来支持外部证书导入:
%3
Use %1 to import the certificate in place of a pending request for the same key.
Use %2 to import certificates not issued by the CA.
The CA may also need to be configured to support foreign certificate import:
%3
2338OutCACertFile -- 输出文件
Index -- CA 证书续订索引(默认为最新的)
OutCACertFile -- output file
Index -- CA certificate renewal index (defaults to most recent)
2339OutCACertChainFile -- 输出文件
Index -- CA 证书续订索引(默认为最新的)
OutCACertChainFile -- output file
Index -- CA certificate renewal index (defaults to most recent)
2340使用 %2 来忽略未完成的续订申请,并且生成新的申请。 Use %2 to ignore an outstanding renewal request, and generate a new request.
2341验证证书或 CRL URL Verify Certificate or CRL URLs
2342InFile | URL InFile | URL
2343证书 "%ws" 已经在存储中。 Certificate "%ws" already in store.
2344证书 "%ws" 添加到存储。 Certificate "%ws" added to store.
2345CRL "%ws" 已经在存储中。 CRL "%ws" already in store.
2346CRL "%ws" 添加到存储。 CRL "%ws" added to store.
2347CTL %ws 已经在存储中。 CTL %ws already in store.
2348CTL %ws 添加到存储中。 CTL %ws added to store.
2349KMS V1 CA 证书列表 KMS V1 CA Certificate List
2350选择 KMS V1 CA 证书 Select KMS V1 CA certificate
2351错误消息文本 Error message text
2352错误消息文本和错误代码 Error message text and error code
2353正在检索 Retrieving
2354成功 Success
2355失败 Failed
2356正在验证 Verifying
2357验证失败 Verify Failure
2358没有 URL No URLs
2361错误颁发者 Wrong Issuer
2363吊销检查失败 Revocation Check Failed
2365确定 OK
2366CDP CDP
2367AIA AIA
2372状态 Status
2373类型 Type
2374URL Url
2375检索时间 Retrieval Time
2378GetObjectUrl GetObjectUrl
2379证书使用者 Certificate Subject
2380基 CRL 颁发者 Base CRL Issuer
2381增量 CRL 颁发者 Delta CRL Issuer
2382没有选择 No Selection
2383没有选择证书 No Certificate Selected
2384打开证书或 CRL 文件时出现错误 Error Opening Certificate or CRL File
2386错误信息 Error Information
2387检索 URL 时出现错误: %ws Error retrieving URL: %ws
2388找不到 URL: %ws No URLs found: %ws
2389找不到构造 EPF 文件所需的 KMS CA 证书。
在相同的 KMS 中注册客户端并使用 Outlook 来保存用户密钥到一个
EPF 文件。将此 EPF 文件带到当前计算机并使用 certutil 来转储
此 EPF 文件。这将把需要的 KMS CA 证书导入到本地计算机证书
存储,使它们对于构造新的 EPF 文件可用。
Cannot find KMS CA certificate required to construct the EPF file.
Enroll a client in the same KMS and use Outlook to save the user keys
to an EPF file. Take the EPF file to the current machine and use certutil
to dump the EPF file. This will import the needed KMS CA certificates into
the local machine cert store, making them available to construct new EPF files.
2390%1 -- 生成脚本以检索和恢复密钥(找到多个匹配的恢复代理
或未指定输出文件
时的默认行为)。
%2 -- 检索一个或多个密钥恢复 Blob (恰好找到一个匹配的恢复代理
并指定了输出文件
时的默认行为)
%3 -- 在一个步骤中检索和恢复私钥(需要密钥
恢复代理证书和私钥)
SearchToken -- 用于选择要恢复的密钥和证书。
可以是任何以下内容:
证书公用名称
证书序列号
证书 SHA-1 哈希(指纹)
证书 KeyId SHA-1 哈希(使用者密钥标识符)
请求者名称(domain\user)
UPN (user@domain)
RecoveryBlobOutFile -- 包含一个证书链和关联的私钥
的输出文件,仍加密到一个或多个密钥恢复
代理证书。
OutputScriptFile -- 包含批处理脚本以检索和恢复私钥
的输出文件。
OutputFileBaseName -- 输出文件基本名称。
对于 %2,将截断任何扩展,并为每个密钥恢复 Blob
附加证书特定的字符串和 %4
扩展。每个文件包含一个证书链和关联的
私钥,仍加密到一个或多个密钥恢复代理
证书。
对于 %3,将截断任何扩展并附加 %5
扩展。包含恢复的证书链和关联的
私钥(存储为 PFX 文件)。
%1 -- generate a script to retrieve and recover keys (default behavior
if multiple matching recovery candidates are found, or if the
output file is not specified).
%2 -- retrieve one or more Key Recovery Blobs (default behavior if
exactly one matching recovery candidate is found, and if the output
file is specified)
%3 -- retrieve and recover private keys in one step (requires Key
Recovery Agent certificates and private keys)
SearchToken -- Used to select the keys and certificates to be recovered.
Can be any of the following:
Certificate Common Name
Certificate Serial Number
Certificate SHA-1 hash (thumbprint)
Certificate KeyId SHA-1 hash (Subject Key Identifier)
Requester Name (domain\user)
UPN (user@domain)
RecoveryBlobOutFile -- output file containing a certificate chain and an
associated private key, still encrypted to one or more Key Recovery
Agent certificates.
OutputScriptFile -- output file containing a batch script to retrieve and
recover private keys.
OutputFileBaseName -- output file base name.
For %2, any extension is truncated and a certificate-specific
string and the %4 extension are appended for each key recovery
blob. Each file contains a certificate chain and an associated
private key, still encrypted to one or more Key Recovery Agent
certificates.
For %3, any extension is truncated and the %5 extension is
appended. Contains the recovered certificate chains and associated
private keys, stored as a PFX file.
2391从 DS 存储中删除 %ws。 %ws deleted from DS store.
2392前向交叉证书 Forward cross cert
2393后向交叉证书 Backward cross cert
2398无效 Invalid
2399不被信任 Untrusted
2400未加载 Not loaded
2401CA 交叉证书 CA cross cert
2402系统默认语言 Id: System default Language Id:
2403版本 %u 证书和密钥: Version %u certificates and keys:
2404使用旧的 PFX 加密 Use old PFX encryption
2405证书签名有效 Certificate signature is valid
2406密钥使用情况计数 Key usage count
2408不受支持 Not supported
2409CA 证书版本 CA cert version
2410启用了 Active Server Page (ASP) Enabled Active Server Pages (ASP)
2411已经启用了 Active Server Page (ASP) Active Server Pages (ASP) already enabled
2412启用 Active Server Page (ASP) 时出现错误 Error enabling Active Server Pages (ASP)
2413丢失! MISSING!
2414净化的 CA 短名称(DS 名称) Sanitized CA short name (DS name)
2415删除的 WinINet 缓存项目: %u WinINet Cache entries deleted: %u
2416WinINet 缓存项目: %u WinINet Cache entries: %u
2417允许 Permitted
2418排除 Excluded
2419IP 地址 IP Address
2420掩码 Mask
2421URL -- 缓存的 URL
%1 -- 只在所有缓存的 CRL URL 上操作
%2 -- 在所有的 URL 上操作
%3 -- 从当前用户的本地缓存中删除有关的 URL
使用 %4 来强制提取特定的 URL 并更新缓存。
URL -- cached URL
%1 -- operate on all cached CRL URLs only
%2 -- operate on all cached URLs
%3 -- delete relevant URLs from the current user's local cache
Use %4 to force fetching a specific URL and updating the cache.
2422子树 Subtree
2423相关证书: Related Certificates:
2424相关 CRL: Related CRLs:
2425精确匹配: Exact match:
2426用密码来保护密钥 Protect keys with password
2427为 CA 设置模板 Set templates for CA
2428[+ | -]TemplateList [+ | -]TemplateList
2429正在添加 Adding
2431已有 Already present
2432没有 Not present
2433KMS 导出文件签名验证 KMS export file signature verifies
2434AutoEnroll 属性 AutoEnroll Property
2436颁发机构 Authority
2437友好名称 Friendly Name
2438令牌匹配 Token match
2439错误 Asn 长度编码 Bad Asn length encoding
2440Asn 编码: %x 个额外字节 Asn encoding: %x extra bytes
2441%ws 对照证书验证密钥 %ws key verifies against certificate
2442%ws 密钥与证书不匹配 %ws key does not match certificate
2443需要 Expected
2444公钥: Public key:
2447签名 Signing
2448交换 Exchange
2449LoadCert(CACrossed) 返回了 %ws LoadCert(CACrossed) returned %ws
2450交叉的 CA 证书 Crossed CA Cert
2451交叉的 CA 证书序列号: Crossed CA Cert Serial Number:
2452交叉的 CA 使用者名称与证书使用者匹配 Crossed CA Subject name matches Cert Subject
2453错误: 交叉的 CA 使用者名称与证书使用者不匹配 ERROR: Crossed CA Subject name does not match Cert Subject
2454交叉的 CA 公钥与证书密钥匹配 Crossed CA public key matches Cert key
2455错误: 证书公钥与证书密钥不匹配 ERROR: Certificate public key does NOT match Cert key
2456交叉的 CA 使用者密钥 Id 与证书使用者密钥 Id 匹配 Crossed CA Subject Key Id matches Cert Subject Key Id
2457错误: 交叉的 CA 密钥 Id 与密钥 Id 不匹配 ERROR: Crossed CA Key Id does not match Key Id
2459已规范化 canonicalized
2460找不到要求的 CRL 扩展 A required CRL extension is missing
2461已验证 Verified
2462错误的 CA 证书使用者 Bad CA Cert Subject
2463错误的证书颁发者 Bad Cert Issuer
2464旧的基 CRL Old Base CRL
2465错误的证书颁发机构密钥 Id Bad Authority Key Id
2466没有 IDP 交集 No IDP Intersection
2467错误: CRL 颁发者与证书颁发者不匹配 ERROR: CRL Issuer does not match Cert Issuer
2468CRL 颁发者与证书颁发者匹配 CRL Issuer matches Cert Issuer
2469提供程序 Provider
2470错误: CRL IDP 扩展与证书 CDP 不匹配 ERROR: CRL IDP extension does not match Cert CDP
2471错误: CRL 颁发者与增量 CRL 颁发者不匹配 ERROR: CRL Issuer does not match Delta CRL Issuer
2472CRL 颁发者与增量 CRL 颁发者匹配 CRL Issuer matches Delta CRL Issuer
2473警告: CRL CA 版本与证书 CA 版本不匹配 WARNING: CRL CA Version does not match Cert CA Version
2474警告: CRL CA 版本与增量 CRL CA 版本不匹配 WARNING: CRL CA Version does not match Delta CRL CA Version
2475错误: CRL 号比增量 CRL 最小基要小 ERROR: CRL Number less than Delta CRL Minimum Base
2476错误: CRL 不是一个基 CRL ERROR: CRL is not a Base CRL
2477错误: CRL 不是一个增量 CRL ERROR: CRL is not a Delta CRL
2478正在验证颁发的证书: Verifying Issued Certificate:
2479正在验证增量 CRL: Verifying Delta CRL:
2480删除的 WinHttp 缓存项目: %u WinHttp Cache entries deleted: %u
2481WinHttp 缓存项目: %u WinHttp Cache entries: %u
2482元文件名: Meta File Name:
2483WinINet 缓存项目: WinINet Cache entry:
2484WinHttp 缓存项目: WinHttp Cache entry:
2485CAName CAName
2486MachineName MachineName
2487时间: Time:
2488证书 AIA Certificate AIA
2489证书 CDP Certificate CDP
2490基 CRL CDP Base CRL CDP
2491URL 取指令超时(毫秒) URL fetch timeout in milliseconds
2492超时 Timeout
2493无法输出公钥 Cannot export public key
2494显示密码和私钥数据 Display password and private key data
2495OCSP OCSP
2496解码错误 Decode Error
2497未成功 Unsuccessful
2498不支持 Unsupported
2500无效签名 Invalid Signature
2501OCSP 请求: OCSP Request:
2502OCSP 响应: OCSP Response:
2503产生位置 Produced At
2504OCSP 响应项: OCSP Response Entries:
2505OCSP 响应信息 OCSP Response Info
2506OCSP 请求项: OCSP Request Entries:
2507OCSP 请求信息 OCSP Request Info
2508颁发者名称哈希(%ws): Issuer Name Hash(%ws):
2509颁发者密钥哈希(%ws): Issuer Key Hash(%ws):
2510找不到序列号 Serial Number Not Found
2512无效签名者 EKU Invalid Signer EKU
2513签名者过期 Signer Expired
2514吊销日期 Revoked As Of
2515证书 OCSP Certificate OCSP
2516分析 ASN.1 文件 Parse ASN.1 file
2517文件[类型] File [type]
2518解码错误! DECODE ERROR!
2519唯一容器名称 Unique container name
2520若要备份 To be backed up
2521预期的基 CRL Expected Base CRL
2522预期的增量 CRL Expected Delta CRL
2523默认容器 Default Container
2524内容结束 End Of Content
2525在当前计算机上安装证书颁发机构 Install a Certification Authority on current machine
2526管理智能卡根证书 Manage smart card root certificates
2527根证书预配 Root Certificate Provisioning
2528%1 [%5][InputRootFile] [ReaderName]
%2 %6OutputRootFile [ReaderName]
%3 [InputRootFile | ReaderName]
%4 [ReaderName]
%1 [%5][InputRootFile] [ReaderName]
%2 %6OutputRootFile [ReaderName]
%3 [InputRootFile | ReaderName]
%4 [ReaderName]
2529将数据的哈希用作签名 Use hash of data as signature
2530简单容器名称 Simple container name
2531密码算法 Cipher Algorithms
2532哈希算法 Hash Algorithms
2533非对称加密算法 Asymmetric Encryption Algorithms
2534秘密协议算法 Secret Agreement Algorithms
2535签名算法 Signature Algorithms
2536RNG 算法 RNG Algorithms
2537显示 COM 注册表信息 Display COM registry information
2538[ClassId | ProgId | DllName | *] [ClassId | ProgId | DllName | *]
2539 Yes
2540 No
2542拒绝 Deny
2543CA 管理员 CA Administrator
2544证书管理器 Certificate Manager
2546注册 Enroll
2547自动注册 Auto-Enroll
2548完全控制 Full Control
2549写入 Write
2550使用选择的选项需要管理员权限。使用管理员命令提示来完成这些任务。 Administrator permissions are needed to use the selected options. Use an administrator command prompt to complete these tasks.
2551还原的 CA 证书已过期。重新启动 Active Directory 证书服务之前,必须续订 CA 证书。 The restored CA certificate has expired. Before restarting Active Directory Certificate Services you must renew the CA certificate.
2552创建/删除 OCSP Web Proxy 的 Web 虚拟根 Create/delete web virtual roots for OCSP web proxy
2554OCSP Web Proxy 已经存在。 The OCSP Web Proxy already exists.
2555对称密钥算法的名称和可选密钥长度,例如: AES、128 或 3DES Name of Symmetric Key Algorithm with optional key length, example: AES,128 or 3DES
2556SymmetricKeyAlgorithm[,KeyLength] SymmetricKeyAlgorithm[,KeyLength]
2557该动词受到一般准则的限制。 This verb has been restricted by Common Criteria.
2558无法联系证书传播服务。根证书可能不可用。 The certification propagation service could not be contacted. Your root certificates may not be available for use.
2559内容加密算法: Content Encryption Algorithm:
2560对不含 CR-LF 字符的文本进行编码 Encode text without CR-LF characters
2561以 Unicode 编写重定向输出 Write redirected output in Unicode
2562枚举证书存储 Enumerate certificate stores
2563[\\MachineName] [\\MachineName]
2564MachineName -- 远程计算机名称。 MachineName -- remote machine name.
2565使用服务证书存储 Use service certificate store
2566使用组策略证书存储 Use Group Policy certificate store
2567安装默认的证书模板 Install default certificate templates
2568CertificateStoreName -- 证书存储名称。请参见 -store。
CertIdList -- 以逗号分隔的证书或 CRL 匹配令牌列表。
请参见 -store 的 CertId 说明。
PropertyInfFile -- 包含外部属性的 INF 文件:
%1
%2 添加存档的属性,或者:
%3 删除存档的属性

%4 "%5Friendly Name" ; 添加友好名称属性

%6 添加自定义十六进制属性
%7
%8

%9 添加密钥提供程序信息属性
%10Container Name%11
%12
%13
%14
%15

%16 添加增强密钥使用属性
%17
%18
CertificateStoreName -- Certificate store name. See -store.
CertIdList -- comma separated list of Certificate or CRL match tokens.
See -store's CertId description.
PropertyInfFile -- INF file containing external properties:
%1
%2 Add archived property, OR:
%3 Remove archived property

%4 "%5Friendly Name" ; Add friendly name property

%6 Add custom hexadecimal property
%7
%8

%9 Add Key Provider Information property
%10Container Name%11
%12
%13
%14
%15

%16 Add Enhanced Key Usage property
%17
%18
2569Dump 智能卡文件信息 Dump smart card file information
2570[ReaderName] [ReaderName]
2571无法读取文件 Cannot read file
2572成功解压缩 Successfully uncompressed
2573无法解压缩文件 Cannot uncompress file
2574无法对卡进行身份验证 Failed to authenticate to card
2575成功对卡进行身份验证 Successfully authenticated to card
2576正在读取目录 Reading directory
2577输入 PIN: Enter PIN:
2578每个限制都由一个列名称、一个关系操作符和
一个整数常量、字符串或日期组成。列名称前面可以带有
加号或减号,以表示排列顺序。
例如:
%1
%2
%3
Each restriction consists of a column name, a relational operator and
a constant integer, string or date. One column name may be preceded
by a plus or minus sign to indicate the sort order.
Examples:
%1
%2
%3
2579提供程序别名: Provider Aliases:
2580提供程序模块: Provider Module:
2581显示 CNG 配置 Display CNG Configuration
2582显示注册策略 CA Display Enrollment Policy CAs
2583[CAName | TemplateName] [CAName | TemplateName]
2584管理 CA 的站点名称 Manage Site Names for CAs
2585[%1] [SiteName]
%2 [SiteName]
%3
[%1] [SiteName]
%2 [SiteName]
%3
2587已成功更新 Successfully updated
2588更新错误 Update error
2589非对称算法 Asymmetric Algorithms
2590所有算法 All Algorithms
2591注册策略服务器列表 Enrollment Policy Server List
2592选择策略服务器 Select Policy Server
2593默认 Default
2594--- ATR: --- ATR:
2595显示 AD 模板 Display AD templates
2597显示 AD CA Display AD CAs
2598[CAName] [CAName]
2599显示注册策略 Display Enrollment Policy
2600策略服务器 URL 或 ID Policy Server URL or Id
2601URLOrId URLOrId
2602DistinguishedName DistinguishedName
2603类型 -- 数值 CRYPT_STRING_* 解码类型 type -- numeric CRYPT_STRING_* decoding type
2604类型 -- 数值 CRYPT_STRING_* 编码类型 type -- numeric CRYPT_STRING_* encoding type
2605错误: 无法针对私钥验证证书公钥 ERROR: Could not verify certificate public key against private key
2606注册策略 URL Enrollment Policy Url
2607注册策略 ID Enrollment Policy Id
2609注册服务器 URL Enrollment Server Url
2610请求 Id Request Id
2611身份验证 Authentication
2612URL 标志 Url Flags
2613添加注册服务器应用程序 Add an Enrollment Server application
2614%1 | %3 | %5 [%10] [%11] %1 | %3 | %5 [%10] [%11]
2615如有必要,请为指定的 CA 添加注册服务器
应用程序和应用程序池。此命令不安装二进制文件或程序包
客户端可通过以下身份验证方法之一连接到
证书注册服务器
%1 -- %2
%3 -- %4
%5 -- %6
%10 -- 只能通过此 URL 将续订请求
提交到此 CA
%11 -- 允许使用在
AD 中没有关联帐户的证书。这仅适用于
ClientCertificate 和 AllowRenewalsOnly 模式。
Add an Enrollment Server application and application pool if necessary,
for the specified CA. This command does not install binaries or packages
One of the following authentication methods with which the client connects
to a Certificate Enrollment Server
%1 -- %2
%3 -- %4
%5 -- %6
%10 -- Only renewal requests can be submitted to this
CA via this URL
%11 -- Allows use of a certificate that has no
associated account in the AD. This applies only
with ClientCertificate and AllowRenewalsOnly mode.
2616删除注册服务器应用程序 Delete an Enrollment Server application
2617%1 | %3 | %5 %1 | %3 | %5
2618如有必要,请为指定的 CA 删除注册服务器
应用程序和应用程序池。此命令不删除二进制文件或程序包
客户端可通过以下身份验证方法之一连接到
证书注册服务器
%1 -- %2
%3 -- %4
%5 -- %6。
Delete an Enrollment Server application and application pool if necessary,
for the specified CA. This command does not remove binaries or packages
One of the following authentication methods with which the client connects
to a Certificate Enrollment Server
%1 -- %2
%3 -- %4
%5 -- %6.
2619安装已成功,但附有警告: %ws Install succeeded with warnings: %ws
2620卸载已成功,但附有警告: %ws UnInstall succeeded with warnings: %ws
2621智能卡序列号: Smart Card Serial Number:
2622ObjectId ObjectId
2624扩展 Extension
2628CA CA
2630使用匿名 SSL 凭据 Use anonymous SSL credentials
2631使用 Kerberos SSL 凭据 Use Kerberos SSL credentials
2632使用 X.509 证书 SSL 凭据 Use X.509 Certificate SSL credentials
2633ClientCertId ClientCertId
2634使用指定帐户作为 SSL 凭据 Use named account for SSL credentials
2635用户名 UserName
2636冲突的 SSL 凭据 Conflicting SSL credentials
2638选择客户端身份验证证书 Select client authentication certificate
2639CA 区域名称 CA locale name
2640显示、添加或删除与 CA 关联的注册服务器 URL Display, add or delete enrollment server URLs associated with a CA
2641[URL AuthenticationType [Priority] [Modifiers]]
URL %9
[URL AuthenticationType [Priority] [Modifiers]]
URL %9
2642AuthenticationType -- 在添加 URL 时,指定以下客户端身份验证方法之一
%1 -- %2
%3 -- %4
%5 -- %6
%7 -- %8。
%9 -- 删除与 CA 关联的指定 URL。
Priority -- 如果在添加 URL 时未指定,则默认为“1”。
Modifiers -- 包含下面的一项或多项内容的逗号分隔列表:
%10 -- 只能通过此 URL 将续订请求
提交到此 CA
%11 -- 允许使用在
AD 中没有关联帐户的证书。这仅适用于
ClientCertificate 和 AllowRenewalsOnly 模式。
AuthenticationType -- Specify one of the following client authentication methods while adding a URL
%1 -- %2
%3 -- %4
%5 -- %6
%7 -- %8.
%9 -- deletes the specified URL associated with the CA.
Priority -- defaults to '1' if not specified when adding a URL.
Modifiers -- Comma separated list of one or more of the following:
%10 -- Only renewal requests can be submitted to this
CA via this URL
%11 -- Allows use of a certificate that has no
associated account in the AD. This applies only with
ClientCertificate and AllowRenewalsOnly Mode.
2643优先级 Priority
2644显示或删除注册策略缓存项目 Display or delete Enrollment Policy Cache entries
2646%1 -- 删除策略服务器缓存项目
%2 -- 使用 %2 删除所有缓存项目。
%1 -- delete Policy Server cache entries
%2 -- use %2 to delete all cache entries.
2647NextUpdate NextUpdate
2648LastUpdate LastUpdate
2650Id Id
2652路径 Path
2654AllowUntrustedCA AllowUntrustedCA
2656缓存文件存在 Cache file exists
2657正在删除缓存项目! Deleting cache entry!
2658无缓存文件 No cache file
2659Url 与缓存文件名不匹配 Url does NOT match cache file name
2660缓存目录 Cache Directory
2661孤立的缓存文件 Orphaned Cache file
2662显示、添加或删除凭据存储项目 Display, add or delete Credential Store entries
2663[URL]
URL %3
URL %1
[URL]
URL %3
URL %1
2664URL -- 目标 URL。使用 %4 匹配所有项目
使用 %5 匹配 URL 前缀
%3 -- 添加凭据存储项目
还必须指定 SSL 凭据
%1 -- 删除凭据存储项目
%2 -- 使用 %2 覆盖一个项目或删除多个项目。
URL -- target URL. Use %4 to match all entries
Use %5 to match a URL prefix
%3 -- add a Credential Store entry
SSL credentials must also be specified
%1 -- delete Credential Store entries
%2 -- use %2 to overwrite an entry or to delete multiple entries.
2666名称 Name
2671凭据 Credential
2673注册证书 Enrollment Certificate
2674注册用户名/密码 Enrollment Username/Password
2675SchemaId SchemaId
2678设置 Setting
2679不定长度 Indefinite Length
2680%1 -- 删除智能卡上的所有密钥 %1 -- Delete all keys on the smart card
2681================ Url %d ================ ================ Url %d ================
2682错误: 容器名称不一致 ERROR: Container name inconsistent
2683对于选择 U/I,使用 %3%1 %3
对于所有策略服务器,使用 %3%1 %2
For selection U/I, use %3%1 %3
For all Policy Servers, use %3%1 %2
2684对于选择 U/I,使用 %2%1 %2 For selection U/I, use %2%1 %2
2686警告: CA 证书在注册表有效期之前过期。 WARNING: CA certificate expires before registry validity period.
2687已添加 Added
2689Kerberos Kerberos
2693Web 注册服务器: Web Enrollment Servers:
2694匹配 Matches
2695必须先使用服务器管理器或 ServerManagerCmd.exe 安装证书注册 Web 服务,然后才能添加注册服务器应用程序。 You must install the Certificate Enrollment Web Service using Server Manager or ServerManagerCmd.exe before adding an enrollment server application.
2696若要导入外部证书,请参阅 %ws To import a foreign certificate, see %ws
2697注册服务器身份验证 Enrollment Server Authentication
2698添加策略服务器应用程序 Add a Policy Server application
2699%1 | %3 | %5 [%10] %1 | %3 | %5 [%10]
2700如有必要,请添加策略服务器应用程序和应用程序池。此命令
不安装二进制文件或程序包
客户端可通过以下身份验证方法之一连接到
证书策略服务器
%1 -- %2
%3 -- %4
%5 -- %6
%10 -- 仅向客户端返回
包含 KeyBasedRenewal 模板的策略。此标记
仅适用于 UserName 和 ClientCertificate
身份验证。
Add a Policy Server application and application pool if necessary. This command
does not install binaries or packages
One of the following authentication methods with which the client connects
to a Certificate Policy Server
%1 -- %2
%3 -- %4
%5 -- %6
%10 -- Only policies that contain KeyBasedRenewal
templates are returned to the client. This flag
applies only for UserName and ClientCertificate
authentication.
2701删除策略服务器应用程序 Delete a Policy Server application
2703如有必要,请删除策略服务器应用程序和应用程序池。此命令
不删除二进制文件或程序包
客户端可通过以下身份验证方法之一连接到
证书策略服务器
%1 -- %2
%3 -- %4
%5 -- %6
%10 -- KeyBasedRenewal 策略服务器。
Delete a Policy Server application and application pool if necessary. This
command does not remove binaries or packages
One of the following authentication methods with which the client connects
to a Certificate Policy Server
%1 -- %2
%3 -- %4
%5 -- %6
%10 -- KeyBasedRenewal policy server.
2704添加策略服务器应用程序之前,必须使用服务器管理器或 ServerManagerCmd.exe 安装证书注册策略 Web 服务。 You must install the Certificate Enrollment Policy Web Service using Server Manager or ServerManagerCmd.exe before adding a policy server application.
2705错误: 已签名的签名算法存在冲突 ERROR: Signed signature algorithm conflict
2706错误: 已签名的签名参数存在冲突 ERROR: Signed signature parameter conflict
2707AllowRenewalsOnly AllowRenewalsOnly
2708AllowKeyBasedRenewal AllowKeyBasedRenewal
2709以 Unicode 编写输出文件 Write output file in Unicode
2710使用者模板 OID Subject Template OIDs
2711错误: 指定的密码不正确。
不过,你有权在不使用密码的情况下访问 PFX。
请在不指定密码的情况下重新运行命令。
ERROR: The password you specified is incorrect.
However, you have permission to access the PFX without a password.
Re-run the command without specifying a password.
2712PFX 保护的密码:“%ws”
PFX protected password: "%ws"
2713PFX 保护的密码未正确存储在 PFX 文件中。它:
The PFX protected password is incorrectly stored in the PFX file. It is:
2714受 PFX 保护以:
PFX protected to:
2715 AND
2716 OR
2717已成功删除 Successfully deleted
2719设置、验证或删除 CA 站点名称
使用 %4 选项以将单个 CA 作为目标(默认为所有 CA)
只有在将单个 CA 作为目标时,才允许使用 SiteName
使用 %5 以覆盖指定 SiteName 的验证错误
使用 %5 以删除所有 CA 站点名称
Set, Verify or Delete CA site names
Use the %4 option to target a single CA (Default is all CAs)
SiteName is allowed only when targeting a single CA
Use %5 to override validation errors for the specified SiteName
Use %5 to delete all CA site names
2720指定的与检测到的站点名称存在冲突 Specified and Detected site names conflict
2721现有 Existing
2722检测到 Detected
2723SKIPPED SKIPPED
2724[MaxSecondsToWait | CAMachineList] [MaxSecondsToWait | CAMachineList]
2725CAMachineList -- 以逗号分隔的 CA 计算机名称列表
对于单个计算机,请使用结束逗号
显示每个 CA 计算机的站点开销
CAMachineList -- Comma-separated CA machine name list
For a single machine, use a terminating comma
Displays the site cost for each CA machine
2726错误: 缺少密钥关联属性 ERROR: missing key association property
2727名称哈希(%ws): Name Hash(%ws):
2728签名哈希: Signature Hash:
2729缓存的密钥标识符: Cached Key Identifier:
2730没有容器名称匹配 No container name match
2731错误: 错误的 KeyId! ERROR: wrong KeyId!
2732找到完全匹配 Found exact match
2733没有 KeyId 匹配 No KeyId match
2734警告: 不同的容器名称! WARNING: different container name!
2735以逗号分隔的 SAM 名称/SID 列表 Comma separated SAM Name/SID List
2736SAMNameAndSIDList SAMNameAndSIDList
2738已解密 Decrypted
2739完整查询结果 Full query results
2740完整结果 Full Results
2741密钥查询 Key Query
2742密钥恢复错误 Key Recovery Errors
2743密钥 Blob Key Blob
2744密钥句柄 Key Handle
2745密钥状态 Key State
2748没有要恢复的存档密钥 No archived key to recover.
2749恢复 Recovery
2750检索 Retrieval
2753查询 Queries
2754查询匹配 Query matches
2755已恢复 Recovered
2756恢复的证书 Recovered Certificates
2757恢复的密钥文件 Recovered key files
2758检索到恢复 Blob Recovery blobs retrieved
2759恢复代理 Recovery Candidates
2760恢复错误 Recovery Errors
2761恢复结果 Recovery Result
2762检索到的密钥文件 Retrieved key files
2763检索的密钥 Retrieved Keys
2764已检索但未恢复 Retrieved, but not Recovered
2765 Rows
2766行(无密钥) Rows (no key)
2767脚本文件 Script file
2769令牌查询 Token Query
2770查询总数 Total Queries
2772智能卡 PIN Smart Card PIN
2773输出脚本文件名丢失。 Missing output script filename.
2774输出文件基本名称丢失。 Missing output file base name.
2775使用 %ws 删除所有项。 Use %ws to delete all entries.
2776保存密钥数据时出错 Error saving key data
2777要恢复密钥,必须使用以下密钥恢复代理证书之一: One of the following Key Recovery Agent certificates is required to recover the key:
2779无法以纯文本方式导出私钥 Private key is NOT plain text exportable
2780恢复 blob 文件 Recovery blob file
2781验证 AuthRoot 或不允许的证书 CTL Verify AuthRoot or Disallowed Certificates CTL
2782CTLObject [CertDir] [CertFile] CTLObject [CertDir] [CertFile]
2783CTLObject -- 指定要验证的 CTL:
%1 -- 从 URL 缓存中读取 AuthRoot CAB 和匹配的
证书。使用 %5 可从 Windows 更新中下载。

%2 -- 从 URL 缓存中读取不允许的证书 CAB 和
不允许的证书存储文件。使用 %5 可
从 Windows 更新中下载。

%7 -- 从 URL 缓存中读取 PinRules CAB。使用 %5 可
从 Windows 更新中下载。

%3 -- 读取注册表缓存的 AuthRoot CTL。与 %5 和
尚未信任的 CertFile 一起使用以强制更新
注册表缓存的 AuthRoot 和不允许的证书 CTL。

%4 -- 读取注册表缓存的不允许证书 CTL。
%5 具有与 %3 相同的行为。

%8 -- 读取注册表缓存的 PinRules CTL。
%5 具有与 %7 相同的行为。

CTLFileName -- CTL 或 CAB 的文件或 %6 路径

CertDir -- 包含与 CTL 条目匹配的证书的文件夹
%6 文件夹路径必须以路径分隔符结尾。
如果未使用 %3 或 %4 指定文件夹,
则会在以下多个位置中搜索匹配的证书: 本地
证书存储、crypt32.dll 资源和本地 URL 缓存。
如有必要,请使用 %5 从 Windows 更新中下载。
否则,默认使用与 CTLObject 相同的文件夹或网站。

CertFile -- 包含要验证的证书的文件。将证书
与 CTL 条目进行匹配,并显示匹配结果。
隐藏大多数默认输出。
CTLObject -- Identifies the CTL to verify:
%1 -- read AuthRoot CAB and matching certificates from the URL
cache. Use %5 to download from Windows Update instead.

%2 -- read Disallowed Certificates CAB and disallowed
certificate store file from the URL cache. Use %5 to download
from Windows Update instead.

%7 -- read PinRules CAB from the URL cache. Use %5 to download
from Windows Update instead.

%3 -- read registry cached AuthRoot CTL. Use with %5 and a
CertFile that is not already trusted to force updating the
registry cached AuthRoot and Disallowed Certificate CTLs.

%4 -- read registry cached Disallowed Certificates CTL.
%5 has the same behavior as with %3.

%8 -- read registry cached PinRules CTL.
%5 has the same behavior as with %7.

CTLFileName -- file or %6 path to CTL or CAB

CertDir -- folder containing certificates matching CTL entries
An %6 folder path must end with a path separator.
If a folder is not specified with %3 or %4, multiple
locations will be searched for matching certificates: local
certificate stores, crypt32.dll resources and the local URL cache.
Use %5 to download from Windows Update when necessary.
Otherwise defaults to the same folder or web site as the CTLObject.

CertFile -- file containing certificate(s) to verify. Certificates
will be matched against CTL entries, and match results displayed.
Suppresses most of the default output.
2784错误: 映像中没有签名链证书: %ws ERROR: Signature chain certificate not present in image: %ws
2785错误: 映像中存在多余的签名链证书: %ws ERROR: Extra signature chain certificate in image: %ws
2786错误: 存在多余的应用程序策略: %ws ERROR: Extra application policy: %ws
2787错误: 缺少应用程序策略: %ws ERROR: Missing application policy: %ws
2788结果: 发现证书完全匹配 Result: Certificate exact match found
2789结果: 发现证书匹配 Result: Certificate match found
2790结果: 未找到证书匹配 Result: Certificate match NOT found
2791结果: 证书公钥冲突 Result: Certificate public key collision
2792OCSP URL OCSP URLs
2793AIA URL AIA URLs
2794CDP URL CDP URLs
2795不属于目标 CTL 的证书: %u Certificates that do not belong to the targeted CTL: %u
2796默认为显示 DC 证书而不进行验证 Default is to display DC certificates without verification
2797%ws 由于出现错误而失败: %ws failed with error:
2798正在加载 Loading
2799证书 [%u]: 引用: Cert[%u]: references:
2800CTL[%u]: 匹配项: CTL[%u]: matches:
2801少于 %ws Less than %ws
2802不支持强签名验证 Strong Signature verification not supported
2803强签名错误: Strong Signature error:
2804旧签名错误: Legacy Signature error:
2805副署!: Counter Signed!:
2806已验证的属性!: Authenticated attribute!:
2807关键扩展 Critical Extension
2808第 %u 个条目存在(共 %u 个) %u of %u entries present
2809要匹配的证书: Certificates to match:
2810旧签名: Legacy signatures:
2811强签名: Strong signatures:
2812缺少增强型密钥用法属性 Missing Enhanced Key Usage property
2813PIN PIN
2814签名证书 Signing certificate
2815CertId CertId
2816与 Windows 更新同步 Sync with Windows Update
2817DestinationDir DestinationDir
2818DestinationDir -- 要复制到的文件夹。
已从 Windows Update 下载以下文件:
%1 - 包含第三方根的 CTL。
%2 - 包含不允许的证书的 CTL。
%3 - 不允许的证书。
%4 - 包含 SSL 捆绑规则的 CTL。
%5 - 捆绑规则证书。
.crt - 第三方根。
DestinationDir -- folder to copy to.
The following files are downloaded from Windows Update:
%1 - contains CTL of Third Party Roots.
%2 - contains CTL of Disallowed Certificates.
%3 - Disallowed Certificates.
%4 - contains CTL of SSL Pin Rules.
%5 - Pin Rules Certificates.
.crt - Third Party Roots.
2819通过 Windows 更新生成 SST Generate SST from Windows Update
2820SSTFile SSTFile
2821SSTFile -- 要创建的 %1 文件。
生成的 %1 文件包含从 Windows 更新下载的
第三方根。
SSTFile -- %1 file to be created.
The generated %1 file contains the Third Party Roots
downloaded from Windows Update.
2822正在更新 Updating
2823“%ws”存在。请使用“%ws”选项强制进行覆盖。 "%ws" exists. Use "%ws" option to force overwrite.
2824警告! 遇到以下不再信任的根: Warning! Encountered the following no longer trusted roots:
2825使用“%ws”选项强制删除上面的“%ws”文件。
是否更新“%ws”?
如果更新,请考虑将删除推迟到更新所有客户端之后。
Use "%ws" options to force the delete of the above "%ws" files.
Was "%ws" updated?
If yes, consider deferring the delete until all clients have been updated.
2826启用临时自动根更新。 Enabling temporary auto root update.
2827正在还原自动根更新禁用。 Restoring disable of auto root update.
2828无法在注册表中启用自动根更新。
是否以提升的管理员身份运行?
Cannot enable auto root update in the registry.
Are you running as elevated administrator?
2829无任何更新! No Updates!
2830添加了 %d 个文件。更新了 %d 个文件。 Added %d files. Updated %d files.
2831更新的 SST 文件。 Updated SST file.
2832显示受信任的平台模块信息 Display Trusted Platform Module Information
2833CA 交换证书哈希 CA Exchange Cert Hash
2834验证密钥证明请求 Verify Key Attestation Request
2835RequestFile RequestFile
2836制造商认可密钥证书 Manufacturer Endorsement Key Certificates
2837其他认可密钥证书 Other Endorsement Key Certificates
2838质询正在挂起 Challenge Pending
2839质询已满足 Challenge Satisfied
2840使用时信任 Trust On Use
2841信任认可证书 Trust Endorsement Certificate
2842信任认可密钥 Trust Endorsement Key
2843Nonce 摘要 Nonce digest
2844证明成功。 Attestation successful.
2845机密 Secret
2846解密的 EKInfo Decrypted EKInfo
2847EK 公钥 EK Public Key
2848激活 Activation
2849解密的机密 Decrypted Secret
2850激活成功。 Activation successful.
2851正在写入 Writing
2852无法提取 EK 公钥 Cannot fetch EK public key
2853EK KeyId(%ws): EK KeyId(%ws):
2854%1 %1
2855数字 SID Numeric SID
2856%2 -- 本地系统
%3 -- 本地服务
%4 -- 网络服务
%2 -- Local System
%3 -- Local Service
%4 -- Network Service
2858没有制造商认可密钥证书 No Manufacturer Endorsement Key Certificates
2859没有其他认可密钥证书 No Other Endorsement Key Certificates
2860资源 Resource
2861已更新 DS 模板和安全描述符 Updated DS Template and security descriptor
2862修饰符: Modifiers:
2863仅限最终实体证书 End Entity certificate only
2864排除根证书 Exclude root certificate
2865证书: 未加密 Certificates: Not Encrypted
2866正在启用临时捆绑规则自动更新。 Enabling temporary Pin Rules auto update.
2867正在恢复禁用捆绑规则自动更新。 Restoring disable of Pin Rules auto update.
2868无法在注册表中启用捆绑规则自动更新。
你是否正在以提升的管理员身份运行?
Cannot enable Pin Rules auto update in the registry.
Are you running as elevated administrator?
2869添加 ECC 曲线 Add ECC Curve
2870[CurveClass:]CurveName CurveParameters [CurveOID] [CurveType] [CurveClass:]CurveName CurveParameters [CurveOID] [CurveType]
2871
CurveClass: -- ECC 曲线类类型:
- %1 [默认值]
- %2
- %3

CurveName -- ECC 曲线名称

CurveParameters -- ECC 曲线参数。为下列其中一项
- 包含 ASN 编码参数的证书文件名
- 包含 ASN 编码参数的文件

CurveOID -- ECC 曲线 OID。为下列其中一项:
- 包含 ASN 编码 OID 的证书文件名
- 显式 ECC 曲线 OID

CurveType -- Schannel ECC NamedCurve 点(数字)

CurveClass: -- ECC Curve Class Type:
- %1 [Default]
- %2
- %3

CurveName -- ECC Curve Name

CurveParameters -- ECC Curve Parameters. It is one of the following
- Certificate Filename Containing ASN Encoded Parameters
- File Containing ASN Encoded Parameters

CurveOID -- ECC Curve OID. It is one of the following:
- Certificate Filename Containing ASN Encoded OID
- Explicit ECC Curve OID

CurveType -- Schannel ECC NamedCurve Point (Numeric)
2872删除 ECC 曲线 Delete ECC Curve
2873CurveName | CurveOID CurveName | CurveOID
2874CurveName -- ECC 曲线名称
CurveOID -- ECC 曲线 OID
CurveName -- ECC Curve Name
CurveOID -- ECC Curve OID
2875显示 ECC 曲线 Display ECC Curve
2876[CurveName | CurveOID] [CurveName | CurveOID]
2878ECC 曲线参数 ECC Curve Parameters
2879CNG 参数 Blob CNG Parameters Blob
2880ASN 参数 Blob ASN Parameters Blob
2881公钥长度 Public Key Length
2900生成捆绑规则 CTL Generate Pin Rules CTL
2901XMLFile CTLFile [SSTFile [QueryFilesPrefix]] XMLFile CTLFile [SSTFile [QueryFilesPrefix]]
2902XMLFile -- 要解析的输入 XML 文件。
CTLFile -- 要生成的输出 CTL 文件。
SSTFile -- 要创建的可选 %1 文件。
%1 文件包含所有用于捆绑的
证书。
QueryFilesPrefix -- 要为数据库查询创建的可选 %2 文件和 %3 文件。
QueryFilesPrefix 字符串附加到每个已创建文件的前面。
%2 文件包含规则名称、域行。
%3 文件包含规则名称、密钥 SHA256 指纹行。
XMLFile -- input XML file to be parsed.
CTLFile -- output CTL file to be generated.
SSTFile -- optional %1 file to be created.
The %1 file contains all of the certificates
used for pinning.
QueryFilesPrefix -- optional %2 and %3 files to be created for database query.
The QueryFilesPrefix string is prepended to each created file.
The %2 file contains rule name, domain rows.
The %3 file contains rule name, key SHA256 thumbprint rows.
2903与 ServerName 匹配的 SSL 策略 SSL Policy matching ServerName
2904ServerName ServerName
2905警告 = 无法在此版本的 Windows 上验证下载的捆绑规则。
操作将会继续。建议在更高版本的 Windows 上运行。
Warning = Unable to verify downloaded Pin Rules on this version of Windows.
Will continue. Recommend running on a later version of Windows.
2911警告 Warning
2913编码 Encoding
2914正在解析 Parsing
2915正在匹配 Matching
2916正在跳过 Skipping
2917正在获取 Getting
2918添加现有项 Add Existing
2919新加 Add New
2920正在删除重复项 Removing Duplicate
2921正在跳过元素 Skipping Element
2922仅允许 Only Allow
2923元素 Elements
2924元素计数 Element Counts
2925重复元素 Duplicate Element
2926负持续时间值 Negative duration value
2927不支持的年数或月数持续时间值 Not supported years or months duration value
2928编写查询文件 Write Query Files
2929XML 解析程序错误详细信息 XML Parser Error Details
2930保存到 SST 文件 Save To SST File
2931正在查找元素: %ws Finding Element: %ws
2932查询元素: %ws Query Element: %ws
2933正在获取 %ws 元素计数 Getting %ws Element Count
2934正在解析元素: %ws 属性 Parsing Element: %ws Attributes
2935重复 = 正在删除 %ws (与 %ws 匹配) Duplicate = Removing %ws Matching %ws
2936在其他 %ws 元素中缺失 Missing from other %ws Elements
2937没有 %ws 元素 No %ws Elements
2938正在打开 = 元素: %ws %ws: %ws Opening = Element: %ws %ws: %ws
2939正在枚举 = 元素: %ws %ws: %ws Enumerating = Element: %ws %ws: %ws
2940重复属性值 = %ws: %ws,在元素 %ws 和 %ws 中 Duplicate Attribute Value = %ws: %ws in Elements: %ws and %ws
2941规范化属性 = 元素: %ws属性: %ws: 值: %ws 到 %ws Normalize Attribute = Element: %ws Attribute: %ws: Value: %ws to %ws
2942失败 = 重复的属性 %ws: %hs,在元素 %ws 中 Failed = Duplicate Attribute %ws: %hs in Element: %ws
2943失败 = 元素: %ws 没有 %ws 元素 Failed = Element: %ws has no %ws Elements
2944警告 = 元素: %ws 没有 %ws 元素 Warning = Element: %ws has no %ws Elements
2945失败 = 缺少元素: %ws Failed = Missing Element: %ws
2946失败 = 元素: %ws 包含无效属性: %ws Failed = Element: %ws has invalid Attribute: %ws
2947失败 = 元素: %ws 属性: %ws 包含无效值: %ws Failed = Element: %ws Attribute: %ws has invalid Value: %ws
2948失败 = 元素: %ws 包含无效属性: %ws,原因: Failed = Element: %ws has invalid Attribute: %ws with Reason:
2949失败 = 元素 %ws,属性 %ws 包含无效值 %ws,原因: Failed = Element: %ws Attribute: %ws has invalid Value: %ws with Reason:
2950失败 = 元素: %ws 缺少属性: %ws Failed = Element: %ws is missing Attribute: %ws
2951重复属性值 %ws: %hs,在元素 %ws 和 %ws 中 Duplicate Attribute Value %ws: %hs in Elements: %ws and %ws
2952警告 = 没有可保存到 SST 文件的 %ws 证书 Warning = No %ws certificates to save to SST File
2953AlternateStorageLocation AlternateStorageLocation
2954AIK 公钥 AIK Public Key
2955AIK KeyId (%ws): AIK KeyId(%ws):
2956下载 OCSP 响应并写入目录 Download OCSP Responses and Write to Directory
2957CertificateDir OcspDir [ThreadCount] [修饰符] CertificateDir OcspDir [ThreadCount] [Modifiers]
2958CertificateDir -- 证书、存储和 PFX 文件的目录。
OcspDir -- 写入 OCSP 响应的目录。
ThreadCount -- 可选的并行下载的最大线程数。默认值为 10。
修饰符 -- 以下一项或多项的逗号分隔的列表:
%1 -- 下载一次,然后退出
%2 -- 从 OcspDir 读取而不是写入
默认情况 下,certutil 不会退出,必须显式终止。
CertificateDir -- directory of certificate, store and PFX files.
OcspDir -- directory to write OCSP responses.
ThreadCount -- optional maximum number of threads for concurrent downloading. Default is 10.
Modifiers -- Comma separated list of one or more of the following:
%1 -- Download once and exit
%2 -- Read from OcspDir instead of writing
By default, certutil won't exit and must be explicitly terminated.
2959检查目录 中的证书文件 Check certificate files in directory
2960没有下载! No Downloads!
2961始终等待下载 Wait forever for downloads
2962失败 = 此版本的 Windows 不支持 downloadOcsp 选项 Failed = downloadOcsp option not supported on this version of Windows.
2963使用以前的 RemainingMinutes 时: %d 使用 ThisUpdate 下载了新 OCSP 响应: %ws NextUpdate: %ws With previous RemainingMinutes: %d downloaded new OCSP response with ThisUpdate: %ws NextUpdate: %ws
2964打开 OCSP 主题证书文件 Open OCSP subject certificate file
2965删除 OCSP 主题证书文件 Remove OCSP subject certificate file
2966添加 OCSP 响应文件 Add OCSP response file
2967删除 OCSP 响应文件 Remove OCSP response file
2968正在等待 %d 下载 OCSP 响应完成 Waiting for %d download OCSP reponses to complete
2969已下载的 OCSP 响应 Downloaded OCSP Responses
2970毫秒: %d ThisUpdate: %ws NextUpdate: %ws RemainingMinutes: %d Milliseconds: %d ThisUpdate: %ws NextUpdate: %ws RemainingMinutes: %d
2971总计: %d 已下载: %d 警告: %d 未完成: %d 错误: %d 最大线程计数: %d Total: %d Downloaded: %d Warnings: %d Pending: %d Errors: %d Maximum Thread Count: %d
2972错误 = 下载 OCSP 响应。%ws Error = Download OCSP response. %ws
2973错误 = 写入 OCSP 响应文件。%ws Error = Write OCSP response file. %ws
2974错误 = 缺少颁发者证书 Error = Missing issuer certificate
2975错误 = 打开 OCSP 主题证书文件。%ws Error = Open OCSP subject certificate file. %ws
2976错误 = OCSP 响应下载未完成 Error = Pending OCSP response download
2977警告 = 文件中没有 OCSP 主题证书 Warning = No OCSP subject certificates in file
2978警告 = OCSP 响应文件重复 Warning = Duplicate OCSP response file
2979警告 = 证书不支持 OCSP Warning = OCSP not supported for certificate
2980测试通过 test passed
2981测试失败 test FAILED
2982已跳过测试 test skipped
2983密钥加密算法: Key Encryption Algorithm:
2985[TaskName [SRKThumbprint]] [TaskName [SRKThumbprint]]
2986TaskName -- 要触发的任务
%1 -- NGC 密钥 Pregen 任务
%2 -- NGC AIK 证书注册任务。
默认为自动注册事件。
SRKThumbprint -- 存储根密钥的指纹
TaskName -- task to trigger
%1 -- NGC Key Pregen task
%2 -- NGC AIK certificate enrollment task.
defaults to autoenrollment event.
SRKThumbprint -- Thumprint of Storage Root Key
2987AIK 证书 AIK Certificates
2988无 AIK 证书 No AIK Certificates
2989原因: 特权撤消 Reason: Privilege Withdrawn
2990原因: AA 泄漏 Reason: AA Compromise
2991无法导入私钥 Cannot import private key
2992计数 count
2993无法解密内容 Cannot decrypt content
2994已解密内容 Decrypted content
2995未受保护的属性 Unprotected attributes
2996已计算 Computed
2997迭代计数 Iteration count
2998本地密钥 ID: Local Key Id:
2999无效模板 Invalid Template
3100PKCS 属性: PKCS Attributes:
3101已验证扩展验证(EV)策略 Verified Extended Validation (EV) Policies
3102扩展验证证书 Extended Validation Certificate
3103强签名验证 Strong signature verification
3104必须链接到 Microsoft 根目录 Must chain to a Microsoft root
3105必须链接到 Microsoft 测试根目录 Must chain to a Microsoft test root
3106必须链接到 Microsoft 应用程序根目录 Must chain to a Microsoft application root
3107强制执行扩展验证策略 Enforce Extended Validation Policy
3108分离的签名与公钥匹配 Detached signature matches Public Key
3109使用指定文件或目录中的证书生成 HPKP 头 Generate HPKP header using certificates in specified file or directory
3110CertFileOrDir MaxAge [ReportUri] [Modifiers] CertFileOrDir MaxAge [ReportUri] [Modifiers]
3111CertFileOrDir -- 证书的文件或目录。pin-sha256 的源。
MaxAge -- 最大有效期值(以秒为单位)。
ReportUri -- 可选报告 uri。
Modifiers -- 逗号分隔的以下一项或多项的列表:
%1 -- 追加 includeSubDomains。
CertFileOrDir -- file or directory of certificates. Source of pin-sha256.
MaxAge -- max-age value in seconds.
ReportUri -- optional report-uri.
Modifiers -- Comma separated list of one or more of the following:
%1 -- append includeSubDomains.
3112错误 = 打开证书文件。%ws Error = Open certificate file. %ws
3113成功 = 打开证书文件: %ws Success = Open certificate file: %ws
3114正在跳过 = 重复: %ws Skipping = Duplicate: %ws
3115错误 = 无证书 Error = No certificates
3116注册表别名: Registry Aliases:
3117间接密钥名称 Indirect key name
3118================ 强制 NCrypt 开始 ================ ================ Begin force NCrypt ================
3119---------------- 强制 NCrypt 结束 ---------------- ---------------- End force NCrypt ----------------
3120================ Passport 密钥开始 ================ ================ Begin Passport Key ================
3121---------------- Passport 密钥结束 ---------------- ---------------- End Passport Key ----------------
3122调用 CryptUI invoke CryptUI
3123文件 [%1] File [%1]
3124指纹 Thumbprint
4000证书注册 - 用户名/密码凭据 Certificate Enrollment - Username/Password Credential
4001证书注册 - 证书凭据 Certificate Enrollment - Certificate Credential
4050选择证书颁发机构 Select Certification Authority
4051选择证书颁发机构来发送该请求。 Select a Certification Authority to send the request.
52737架构无效,来自服务器的消息格式错误。 Invalid Schema , Message Format Error from server.
52738服务器无法对用户进行身份验证。 Server failed to authenticate the user.
52739用户无权注册。 User is not authorized to enroll.
52742服务器的未处理异常。 Unhandled exception from server.
52747需要重定向,而重定向的位置不是已知的服务器 Redirection is needed and redirected location is not a wellknown server
52748发现失败 Discovery failed
52750已达到注册配额 Registration quota reached
52751操作成功,但需要重新启动计算机 Operation successful but the machine requires a reboot
52752AIK 证书无效或不受信任 The AIK certificate is not valid or trusted
52753传输密钥的证明语句无效 The attestation statement of the transport key is invalid
52754服务器返回无效的消息错误 Server returned a bad message error
52755在令牌中找不到租户 ID Tenant Id is not found in the token
52756在令牌中找不到用户 Sid User Sid is not found in the token
52757设备需要加入经典域 The device is required to be classic domain joined
52758无法从设备中读取某些加入信息 Some join information cannot be read from the device
52763设备未加入 AAD The device is not joined to AAD
52764客户端等待服务器响应超时。 The client timed out while waiting for a server response.
52770令牌不包含设备 ID The token does not contain device ID
52771操作需要多因素身份验证 The operation requires multi-factor authentication
52772找不到指定的用户 The specified user cannot be found
52773服务器正忙 Server is busy
52774已经注册 NGC 密钥 The NGC key is already registered
52775图形目录请求错误 The graph directory request is bad
52776图形请求失败,副本不可用 The graph request failed with replica unavailable
52777服务器限制了图形请求 The graph request was throttled by server
52778已拒绝图形请求 The graph request was denied
52779TPM 锁定或某种其他加密层问题。 TPM lockout or some other crypto layer issue.
52780设备密钥丢失。 The device key is missing.
52781Web 服务器返回错误(非 200) The web server returned an error (non 200)
52782Web 服务器返回成功,但无数据 The web server returned success, but no data
52784AAD 云 AP 插件没有请求的 PRT The AAD Cloud AP Plugin does not have the requested PRT
52812没有用于当前会话的核心 Windows。 There is no core windows for the current thread.
52813无法获取用户令牌 Unable to obtain user token
52814无法接收用户凭据输入 Failed to recieve user creds input
52815用户已取消 AAD 令牌请求 AAD token request was cancelled by user
52816设备未加入 Device is not joined
53225服务器响应消息无效 Server response message is invalid
53226服务器无法对用户或设备进行授权。 Server failed to authorize user or device.
53227服务器响应 http 状态为意外状态 Server response http status is unexpected
53229发送至服务器的请求无效。 The request sent to the server was invalid.
53230证明失败 Attestation failed
53231AIK 证书不再有效。 The AIK certificate is no longer valid.
53232没有为用户注册密钥。 There is no key registered for the user.
53233令牌中没有 UPN。 There is no UPN in the token.
53234一般服务器端目录错误。 The general server side directory error.
53235在目录中找不到请求中指定的设备。 The device specified in the request was not found in the directory.
53236设备未准备好提供用于 NGC 注册的 CXH 方案 ID。 The device is not ready to provide a CXH scenario Id for NGC registration.
53238无法注册 NGC 证书,因为没有企业 SSO。 Failed to enroll for an NGC cert because there is NO Enterprise SSO.
56836用户没有对证书模板的权限,或者 CA 无法访问。 User has no permission on the cert template or CA unreachable.
56837管理服务器的常规故障,例如 DB 访问错误。 Generic Failure from management server, such as DB access error.
56840未知服务器错误。 Unknown server error.
56841另一个注册操作当前正在进行。 Another enrollment operation is currently underway.
56842设备已注册。 Device is already enrolled.
56843设备未注册。 Device is not enrolled.
56845在发现期间,辅助证书日期无效。 During discovery the sec cert date was invalid.
56846需要密码(但未提供) A password is needed (And wasn't supplied)
56847在 WAB 注册过程中出错 An error during WAB enrollment
56848http (或更低级)错误,如 dns 或超时 A http (or lower) error, such as dns or timeout
56850SSL 证书无效 The SSL cert wasn't valid
56851用户注册了过多设备。删除或取消注册旧设备即可修复此错误(用户无需管理员即可解决此问题) User already enrolled too many devices. Delete or unenroll old ones to fix this error (user can fix it without admin)
56852不支持特定平台(例如 Windows)或版本(无需重试或呼叫管理员。用户可以升级设备) Specific platform (e.g. Windows) or version is not supported (no point retrying or calling admin. User could upgrade device)
56853通常不支持移动设备管理(不需呼叫管理员) Mobile device management generally not supported (would save an admin call)
56854设备正在尝试续订,但服务器拒绝该请求。如果 Robo 失败,客户端可能会显示此方面的通知。请检查设备上的时间(用户可以通过重新注册解决此问题) Device is trying to renew but server rejects the request. Client might show notification for this if Robo fails. Check time on device (user can fix it by re-enrolling)
56855帐户正在维护中,请稍后重试(用户可以稍后重试,但可能需要呼叫管理员,因为不知道问题何时解决) Account is in maintenance, retry later (user can retry later but might call admin because doesn't know when problem is solved)
56856用户的许可证处于错误状态,无法注册(用户仍然需要呼叫管理员) License of user is in bad state blocking enrollment (user still needs to call admin)
56857服务器拒绝了注册数据,服务器可能未正确配置 The server rejected the Enrollment Data, the server may not be configured correctly
56858服务器要求从 HTTPS 使用 HTTP,但用户没有确定 The server asked to use HTTP from HTTPS, but the user didn't ok it
56859指示正在尝试对注册执行无效操作,例如注册两次,或取消注册不存在的设备 indicates trying to do an invalid operation on an enrollment, such as enrolling twice, or unenroll one that doesn't exist
56860此 SKU 不允许使用该注册类型 Enrollment type isn't allowed on this SKU
56861未知客户端错误 unknown client side error
56862在 CertificateStore CSP 中预配失败 Provisioning failed in CertificateStore CSP
56863在 W7/DMAcc CSP 中预配失败 Provisioning failed in W7/DMAcc CSP
56864在 DMClient CSP 中预配失败 Provisioning failed in DMClient CSP
56865在 Passport for Work CSP 中预配失败 Provisioning failed in Passport for Work CSP
56866在上面未列出的 CSP 中预配失败 Provisioning failed in a CSP not listed above
56867预配失败,但未指示特定 CSP Provisioning failed, but a specific CSP is not indicated
56868以下情况未找到公共证书: a) 尝试绑定公共证书/私钥时; b) 尝试预配有效负载时(可能定向到错误的存储) the public cert was not found: a) when attempting to bind the public cert/private key or b) when looking into provisioning payload (perhaps targeting the wrong store)
56869在 EnterpriseAppManagement CSP 中预配失败 Provisioning failed in EnterpriseAppManagement CSP
56870已通过 GP、SetManagedExternally() 或其他方式阻止 MDM 管理 MDM Management was blocked, such as via GP or SetManagedExternally()
56871无法根据请求创建私钥 Failed to create the private key as requested
57877?CCM_E_ITEMNOTFOUND? ?CCM_E_ITEMNOTFOUND?
57984CCM_E_EMPTY_CERT_STORE CCM_E_EMPTY_CERT_STORE
57985CCM_E_NO_CERT_MATCHING_CRITERIA CCM_E_NO_CERT_MATCHING_CRITERIA
57986找到多个证书,但未设置“选择第一个证书” More than one certificate found but 'select first cert' was not set
57987CCM_E_MISSING_PRIVATEKEY CCM_E_MISSING_PRIVATEKEY
57988CCM_E_MISSING_SUBJECT_NAME CCM_E_MISSING_SUBJECT_NAME
57989有效的搜索条件谓词是 'Subject:'、'SubjectStr:' 和 'SubjectAtr:' Valida search criteria verbs are 'Subject:', 'SubjectStr:' and 'SubjectAtr:'
57990CCM_E_INVALID_SMS_AUTHORITY CCM_E_INVALID_SMS_AUTHORITY
57991CCM_E_MISSING_SITE_SIGNING_CERT CCM_E_MISSING_SITE_SIGNING_CERT
57992与解压缩 CI/SDM 包相关的错误 Failures related to decompressing CIs/SDM packages
58000作业不包含任何文件,无需执行操作 job contains no files, no action to perform
58001客户端没有任何已分配的 TS Client doesn't have any assigned TS
58002客户端无法计算 InBand Auth 的消息签名 Client unable to compute Message Signature for InBand Auth
58003客户端无法刷新站点服务器签名证书 Client unable to Refresh Site server signing certificate
58004客户端无法验证策略 Client Unable to verify Policy
58005客户端找不到有效的注册证书 Client Unable to find a valid Registration certificate
58006客户端无法处理一个或多个 CI The client failed to process one or more CIs
58007CCM_E_INVALID_KEY CCM_E_INVALID_KEY
58008无法验证客户端的数据库记录 The client's database record could not be validated
58009客户端无法识别这些类型的签名(用于增量下载) The client does not recognize these type of signature (for delta download)
58010更多客户端注册错误 More client registration error
58012客户端从服务器收到重置注册 The Client received a reset registration from Server
58013客户端版本与主站点版本不兼容。 Client version is not compatible with the primary site version.
58014CCM_E_HASH_MISMATCH CCM_E_HASH_MISMATCH
59648?CCM_E_CERTENROLL_SCEP_CERTREQUEST_PENDING? ?CCM_E_CERTENROLL_SCEP_CERTREQUEST_PENDING?
59649?CCM_E_CERTENROLL_SCEP_CERTREQUEST_UNEXPECTED? ?CCM_E_CERTENROLL_SCEP_CERTREQUEST_UNEXPECTED?
59650?CCM_E_CERTENROLL_SCEP_CERTREQUEST_FAILURE? ?CCM_E_CERTENROLL_SCEP_CERTREQUEST_FAILURE?
59651?CCM_E_CERTENROLL_SCEP_CERTREQUEST_BADALGORITHM? ?CCM_E_CERTENROLL_SCEP_CERTREQUEST_BADALGORITHM?
59652?CCM_E_CERTENROLL_SCEP_CERTREQUEST_BADMESSAGE? ?CCM_E_CERTENROLL_SCEP_CERTREQUEST_BADMESSAGE?
59653?CCM_E_CERTENROLL_SCEP_CERTREQUEST_BADTRANSACTION? ?CCM_E_CERTENROLL_SCEP_CERTREQUEST_BADTRANSACTION?
59654?CCM_E_CERTENROLL_SCEP_CERTREQUEST_BADSIGNINGTIME? ?CCM_E_CERTENROLL_SCEP_CERTREQUEST_BADSIGNINGTIME?
59655?CCM_E_CERTENROLL_SCEP_CERTREQUEST_BADCERTID? ?CCM_E_CERTENROLL_SCEP_CERTREQUEST_BADCERTID?
59656?CCM_E_CERTENROLL_SCEP_SERVERCERT_EMPTY? ?CCM_E_CERTENROLL_SCEP_SERVERCERT_EMPTY?
59657?CCM_E_CERTENROLL_SCEP_SERVERCAP_EMPTY? ?CCM_E_CERTENROLL_SCEP_SERVERCAP_EMPTY?
59664?CCM_E_CERTENROLL_SCEP_PKIOPRESPONSE_EMPTY? ?CCM_E_CERTENROLL_SCEP_PKIOPRESPONSE_EMPTY?
59665?CCM_E_CERTENROLL_SCEP_TPM_UNAVAILABLE? ?CCM_E_CERTENROLL_SCEP_TPM_UNAVAILABLE?
61440在初始化尚未完成时,尝试了执行操作。 An attempt was made to perform an operation when initialization has not yet been completed.
61441输入 XML 的格式不正确。 The input XML is improperly formatted.
61442对象已存在。 The object already exists.
61443计算导致整数溢出。 A calculation resulted in an integer overflow.
61444计算导致整数下溢。 A calculation resulted in an integer underflow.
61445尝试回退失败。 An attempted rollback has failed.
61446CSP 运行 outproc 时发生错误。 A failure happens when CSP runs outproc.
61696会话已中止。 The session has been aborted.
61698服务器身份验证失败。 Authentication of the server failed.
61700用户已选择拒绝管理操作。 The user has chosen to reject management actions.
61701在意外类型的节点上执行了操作。 An action was performed on a node with an unexpected type.
61702用户已选择取消管理操作。 The user has chosen to cancel management actions.
61703已绕过管理命令。 The management command has been bypassed.
61704等待用户确认时某个对话已超时。 A dialog has timed out while awaiting user acknowledgement.
61705要显示的文本太大。 Text to be displayed is too large.
61707推送消息数据出现某种分析错误。 The push message data has some parsing error.
61709仍在处理前一条保持活动消息,但服务器发送了新命令。 Previous keep alive message is still being processed and server send down new commands.
61710正在处理跨多条消息的结果。 Processing results that span multiple messages.
61711找不到要安装证书的 NGC 密钥。 Cannot find NGC Key to install the certificate to.
61952OMA-DM 服务器回复了一个状态代码值,指出客户端的 SyncHdr 出错 The OMA-DM server replied with a Status code value indicating an error for the client's SyncHdr
61953由于收到 407 响应,会话已中止。 The session has been aborted because a 407 response was received.
61954由于用户取消操作,会话已中止。 The session has been aborted due to user cancellation.
61956由于设备处于漫游状态,在此情况下不允许 DM,因此会话已中止。 The session has been aborted because the device is in roaming state and DM is not allowed in this case.
61957由于服务器提供的 HMAC 与消息正文不匹配,会话已中止。 The session has been aborted because the HMAC provided by server didn't match with the message body.
61958由于正在删除帐户,会话已中止。 The session has been aborted because the account is being deleted.
61959由于不允许进一步重试,会话已中止。 The session has been aborted because no more retry allowed.
61960由于收到零字节数据响应,会话已中止。 The session has been aborted because zero-byte data response was received.
61961不允许建立更多同步会话。 No more sync session allowed.
61962SSLCertCriteria 无效。 The SSLCertCriteria is not valid.
62097由于收到 401 响应,会话已中止。 The session has been aborted because a 401 response was received.
62099由于收到 403 响应,会话已中止。 The session has been aborted because a 403 response was received.
62100由于收到 404 响应,会话已中止。 The session has been aborted because a 404 response was received.
62109由于收到 413 响应,会话已中止。 The session has been aborted because a 413 response was received.
62208当前对象未就绪,不可供使用。 The current object is not ready for use.
62209流未就绪,不可供使用。 Stream is not ready for use.
62210数据。 Data .
62211压缩已损坏。 Compression corrupted.
62212Name 不是有效的文件名。 Name is not a valid filename.
62213不存在使用指定名称的文件。 There is no file by the specified name.
62214找不到卸载文件。 Uninstall file not found.
62215文件意外地处于只读状态。 File is unexpectedly readonly.
62216Zip 存档无效。 Zip archive is invalid.
62217压缩方法不受支持 Unsupported compression method
62219流无效。 Invalid stream.
62220不支持该格式。 Format is not supported.
62221zip 项无效。 Invalid zip item.
62223无法加载 zlib dll。 Cannot load zlib dll.
62224找不到所需的已导出方法。 Cannot find expected exported method.

EXIF

File Name:certutil.exe.mui
Directory:%WINDIR%\WinSxS\amd64_microsoft-windows-certutil.resources_31bf3856ad364e35_10.0.15063.0_zh-cn_40bd10833e226e63\
File Size:90 kB
File Permissions:rw-rw-rw-
File Type:Win32 DLL
File Type Extension:dll
MIME Type:application/octet-stream
Machine Type:Intel 386 or later, and compatibles
Time Stamp:0000:00:00 00:00:00
PE Type:PE32
Linker Version:14.10
Code Size:0
Initialized Data Size:91648
Uninitialized Data Size:0
Entry Point:0x0000
OS Version:10.0
Image Version:10.0
Subsystem Version:6.0
Subsystem:Windows GUI
File Version Number:10.0.15063.0
Product Version Number:10.0.15063.0
File Flags Mask:0x003f
File Flags:(none)
File OS:Windows NT 32-bit
Object File Type:Executable application
File Subtype:0
Language Code:Chinese (Simplified)
Character Set:Unicode
Company Name:Microsoft Corporation
File Description:CertUtil.exe
File Version:10.0.15063.0 (WinBuild.160101.0800)
Internal Name:CertUtil.exe
Legal Copyright:© Microsoft Corporation. All rights reserved.
Original File Name:CertUtil.exe.mui
Product Name:Microsoft® Windows® Operating System
Product Version:10.0.15063.0
Directory:%WINDIR%\WinSxS\x86_microsoft-windows-certutil.resources_31bf3856ad364e35_10.0.15063.0_zh-cn_e49e74ff85c4fd2d\

What is certutil.exe.mui?

certutil.exe.mui is Multilingual User Interface resource file that contain Chinese (Simplified) language for file certutil.exe (CertUtil.exe).

File version info

File Description:CertUtil.exe
File Version:10.0.15063.0 (WinBuild.160101.0800)
Company Name:Microsoft Corporation
Internal Name:CertUtil.exe
Legal Copyright:© Microsoft Corporation. All rights reserved.
Original Filename:CertUtil.exe.mui
Product Name:Microsoft® Windows® Operating System
Product Version:10.0.15063.0
Translation:0x804, 1200