File name: | certutil.exe.mui |
Size: | 176128 byte |
MD5: | f2436cfb0e297f660b4809068ffcab26 |
SHA1: | 9566074b821608ea05fa4cd50ef6b2babcc3a59e |
SHA256: | d81b828ecd9c91dc5c7495e095967ad23f6e0ed8b17505e698c095de200f9f83 |
Operating systems: | Windows 10 |
Extension: | MUI |
In x64: | certutil.exe CertUtil.exe (32-bit) |
If an error occurred or the following message in English (U.S.) language and you cannot find a solution, than check answer in English. Table below helps to know how correctly this phrase sounds in English.
id | English (U.S.) | English |
---|---|---|
211 | PKCS #7 (*.p7b)|*.p7b|X.509 Certificate (*.cer;*.crt)|*.cer;*.crt|Personal Information Exchange (*.p12, *.pfx)|*.pfx|All Files (*.*)|*.*|| | PKCS #7 (*.p7b)|*.p7b|X.509 Certificate (*.cer;*.crt)|*.cer;*.crt|Personal Information Exchange (*.p12, *.pfx)|*.pfx|All Files (*.*)|*.*|| |
212 | Select file to complete CA installation | Select file to complete CA installation |
213 | Unknown provider name | Unknown provider name |
214 | Cannot find the certificate for %1 to build a certificate chain. Do you wish to install this certificate now? | Cannot find the certificate for %1 to build a certificate chain. Do you wish to install this certificate now? |
215 | Cannot verify certificate chain. Do you wish to ignore the error and continue? | Cannot verify certificate chain. Do you wish to ignore the error and continue? |
216 | An error occurred retrieving the pending certificate from %1: |
An error occurred retrieving the pending certificate from %1: |
217 | Get Server CA Name | Get Server CA Name |
218 | Select CA | Select CA |
230 | Save certificate and Keys | Save certificate and Keys |
231 | Retrieve Certificate | Retrieve Certificate |
232 | Finish Suspended Setup | Finish Suspended Setup |
233 | The certificate is not a CA certificate. | The certificate is not a CA certificate. |
234 | Setup complete | Setup complete |
235 | Retrieve Pending Certificate | Retrieve Pending Certificate |
236 | Key Index | Key Index |
237 | Load Old Certificate | Load Old Certificate |
238 | Clone Root Certificate | Clone Root Certificate |
239 | Build Request | Build Request |
240 | Renew CA -- reuse keys | Renew CA -- reuse keys |
241 | Install CA Certificate | Install CA Certificate |
242 | Renew CA -- new keys | Renew CA -- new keys |
243 | Build CA Certificate | Build CA Certificate |
244 | Save Chain and Keys | Save Chain and Keys |
245 | If you want to send the request to an offline CA, click Cancel and send the request file at %1 to your parent CA. | If you want to send the request to an offline CA, click Cancel and send the request file at %1 to your parent CA. |
246 | Create DS CDP object | Create DS CDP object |
247 | Create DS enrollment services object | Create DS enrollment services object |
248 | Create DS Root Trust | Create DS Root Trust |
249 | Publish CA in DS | Publish CA in DS |
250 | Submit Request | Submit Request |
251 | An error occurred when creating the new key container "%1". Please make sure the CSP is installed correctly or select another CSP. |
An error occurred when creating the new key container "%1". Please make sure the CSP is installed correctly or select another CSP. |
252 | The Certification Authority certificate has a bad length: | The Certification Authority certificate has a bad length: |
253 | The new Certification Authority certificate cannot be installed because the CA Version extension is incorrect. The most recently generated request file should be used to obtain the new certificate: %1 | The new Certification Authority certificate cannot be installed because the CA Version extension is incorrect. The most recently generated request file should be used to obtain the new certificate: %1 |
254 | The root certificate is untrusted. Do you wish to trust the root certificate on this machine and complete the installation? | The root certificate is untrusted. Do you wish to trust the root certificate on this machine and complete the installation? |
255 | Cannot add the Certification Authority certificate to the certificate store: | Cannot add the Certification Authority certificate to the certificate store: |
256 | Cannot create a certificate context using the Certification Authority certificate: | Cannot create a certificate context using the Certification Authority certificate: |
257 | Unreferenced INF sections | Unreferenced INF sections |
258 | Set Security | Set Security |
259 | Cannot create file %1: | Cannot create file %1: |
260 | The existing private key "%1" cannot be deleted. Either reuse this key, or use a different name for the CA. |
The existing private key "%1" cannot be deleted. Either reuse this key, or use a different name for the CA. |
261 | Cannot encode key attributes: | Cannot encode key attributes: |
262 | Cannot encode certificate: | Cannot encode certificate: |
263 | The %SystemRoot% environment variable is not set. | The %SystemRoot% environment variable is not set. |
264 | This key storage device is full and the new key "%1" could not be added. Go back and pick an existing key, or use a different key storage device. |
This key storage device is full and the new key "%1" could not be added. Go back and pick an existing key, or use a different key storage device. |
265 | An error occurred when generating key "%1" for the Active Directory Certificate Services service. Either the CSP configuration is not complete or the key length is not supported. Please make sure the CSP is installed correctly or select another CSP. |
An error occurred when generating key "%1" for the Active Directory Certificate Services service. Either the CSP configuration is not complete or the key length is not supported. Please make sure the CSP is installed correctly or select another CSP. |
266 | Cannot determine the computer name: | Cannot determine the computer name: |
267 | An error occurred when setting the security access on the private key "%1", or the CSP selected does not support setting security access on private keys. Please make sure the CSP is installed correctly or select another CSP. |
An error occurred when setting the security access on the private key "%1", or the CSP selected does not support setting security access on private keys. Please make sure the CSP is installed correctly or select another CSP. |
268 | Cannot decode Certification Authority name information: | Cannot decode Certification Authority name information: |
269 | The parent CA has denied your request because you are not a domain administrator. (%1) To obtain the certificate for your CA, you must request the certificate as a domain administrator. You can install the certificate using the Certification Authority snap-in. |
The parent CA has denied your request because you are not a domain administrator. (%1) To obtain the certificate for your CA, you must request the certificate as a domain administrator. You can install the certificate using the Certification Authority snap-in. |
270 | The new certificate subject Common Name does not match the active CA name: | The new certificate subject Common Name does not match the active CA name: |
271 | Generate Keys | Generate Keys |
272 | An error was detected while configuring Active Directory Certificate Services. The Active Directory Certificate Services Setup Wizard will need to be rerun to complete the configuration. |
An error was detected while configuring Active Directory Certificate Services. The Active Directory Certificate Services Setup Wizard will need to be rerun to complete the configuration. |
273 | The parent CA has denied your request for a CA certificate. Please contact the parent CA administrator. (%1) |
The parent CA has denied your request for a CA certificate. Please contact the parent CA administrator. (%1) |
274 | An error occurred when the parent CA processed this CA certificate request. Please contact the parent CA administrator. (%1) |
An error occurred when the parent CA processed this CA certificate request. Please contact the parent CA administrator. (%1) |
275 | This CA certificate request did not complete. Please contact the parent CA administrator. (%1) |
This CA certificate request did not complete. Please contact the parent CA administrator. (%1) |
276 | This CA certificate will be issued administratively. Please contact the parent CA administrator. (%1) |
This CA certificate will be issued administratively. Please contact the parent CA administrator. (%1) |
277 | This CA certificate request is in the pending state. Please contact the parent CA administrator. (%1) |
This CA certificate request is in the pending state. Please contact the parent CA administrator. (%1) |
278 | This CA certificate was revoked by the parent CA. Please contact the parent CA administrator. (%1) |
This CA certificate was revoked by the parent CA. Please contact the parent CA administrator. (%1) |
279 | Cannot set the key provider information for the certificate context: | Cannot set the key provider information for the certificate context: |
280 | Cannot submit the certificate request to the specified CA. Please ensure that the CA information is correct and that the CA is online. Note: only CAs running the Microsoft Active Directory Certificate Services are supported. |
Cannot submit the certificate request to the specified CA. Please ensure that the CA information is correct and that the CA is online. Note: only CAs running the Microsoft Active Directory Certificate Services are supported. |
281 | Cannot submit the certificate request to the specified CA. (%1) To obtain the certificate for your CA, you can install the certificate using the Certification Authority snap-in. |
Cannot submit the certificate request to the specified CA. (%1) To obtain the certificate for your CA, you can install the certificate using the Certification Authority snap-in. |
282 | The new certificate subject name does not exactly match the active CA name. Renew with a new key to allow minor subject name changes: |
The new certificate subject name does not exactly match the active CA name. Renew with a new key to allow minor subject name changes: |
283 | The new certificate public key does not match the current outstanding request. The wrong request may have been used to generate the new certificate: |
The new certificate public key does not match the current outstanding request. The wrong request may have been used to generate the new certificate: |
284 | Find certificate for %1 | Find certificate for %1 |
285 | Cannot write the Certification Authority certificate to file "%1": | Cannot write the Certification Authority certificate to file "%1": |
286 | Cannot write to file %1: | Cannot write to file %1: |
287 | INF file error | INF file error |
288 | Set Key Security | Set Key Security |
289 | Parent CA = | Parent CA = |
290 | Request ID = | Request ID = |
291 | Microsoft Active Directory Certificate Services | Microsoft Active Directory Certificate Services |
292 | Set Directory Security | Set Directory Security |
299 | An error occurred when creating the new key container "%1". You do not have write access permission to the key container. Please use a different CA name. |
An error occurred when creating the new key container "%1". You do not have write access permission to the key container. Please use a different CA name. |
301 | Dump configuration information or file | Dump configuration information or file |
302 | Get default configuration string | Get default configuration string |
303 | Get default configuration string via ICertGetConfig | Get default configuration string via ICertGetConfig |
304 | CA Version | CA Version |
305 | Decode hexadecimal-encoded file | Decode hexadecimal-encoded file |
306 | Decode Base64-encoded file | Decode Base64-encoded file |
307 | Encode file to Base64 | Encode file to Base64 |
308 | Deny pending request | Deny pending request |
309 | Resubmit pending request | Resubmit pending request |
310 | Revoke Certificate | Revoke Certificate |
311 | Publish new CRLs [or delta CRLs only] | Publish new CRLs [or delta CRLs only] |
312 | Get CRL | Get CRL |
313 | Display current certificate disposition | Display current certificate disposition |
314 | Set attributes for pending request | Set attributes for pending request |
315 | Set extension for pending request | Set extension for pending request |
316 | Retrieve the CA's certificate | Retrieve the CA's certificate |
317 | Retrieve the CA's certificate chain | Retrieve the CA's certificate chain |
318 | UserKeyAndCertFile [CertId] | UserKeyAndCertFile [CertId] |
319 | Import user keys and certificates into server database for key archival | Import user keys and certificates into server database for key archival |
320 | Dump Raw Database | Dump Raw Database |
321 | Verify public/private key set | Verify public/private key set |
322 | Verify certificate, CRL or chain | Verify certificate, CRL or chain |
323 | Check certificate for 0x7f length encodings | Check certificate for 0x7f length encodings |
324 | Display this usage message | Display this usage message |
325 | Verbose operation | Verbose operation |
326 | Use IDispatch instead of COM native methods | Use IDispatch instead of COM native methods |
327 | Reverse Log and Queue columns | Reverse Log and Queue columns |
328 | Options: | Options: |
329 | Unrecognized Reason | Unrecognized Reason |
330 | InFile OutFile | InFile OutFile |
331 | Column Name Localized Name Type MaxLength | Column Name Localized Name Type MaxLength |
332 | ---------------------------- ---------------------------- ------ --------- | ---------------------------- ---------------------------- ------ --------- |
333 | RequestId | RequestId |
335 | SerialNumber [Reason] | SerialNumber [Reason] |
336 | [%3 | %1] [%2] | [%3 | %1] [%2] |
337 | OutFile [Index] [%1] | OutFile [Index] [%1] |
338 | SerialNumber | CertHash | SerialNumber | CertHash |
339 | RequestId AttributeString | RequestId AttributeString |
340 | RequestId ExtensionName Flags {Long | Date | String | @InFile} | RequestId ExtensionName Flags {Long | Date | String | @InFile} |
341 | OutCACertFile [Index] | OutCACertFile [Index] |
342 | OutCACertChainFile [Index] | OutCACertChainFile [Index] |
343 | [KeyContainerName CACertFile] | [KeyContainerName CACertFile] |
344 | CertFile [ApplicationPolicyList | - [IssuancePolicyList]] [Modifiers] CertFile [CACertFile [CrossedCACertFile]] CRLFile CACertFile [IssuedCertFile] CRLFile CACertFile [DeltaCRLFile] |
CertFile [ApplicationPolicyList | - [IssuancePolicyList]] [Modifiers] CertFile [CACertFile [CrossedCACertFile]] CRLFile CACertFile [IssuedCertFile] CRLFile CACertFile [DeltaCRLFile] |
345 | CertFile | CertFile |
346 | Out of memory | Out of memory |
347 | Missing %ws arg | Missing %ws arg |
348 | Unknown arg: %ws | Unknown arg: %ws |
349 | Multiple verb args: %ws | Multiple verb args: %ws |
350 | Missing argument | Missing argument |
351 | Too many arguments | Too many arguments |
352 | Internal verb table error | Internal verb table error |
353 | Unexpected "-%ws" option | Unexpected "-%ws" option |
354 | Usage: | Usage: |
355 | Options | Options |
356 | Verbs: | Verbs: |
357 | ObjectId -- ObjectId to display or to add display name GroupId -- decimal GroupId number for ObjectIds to enumerate AlgId -- hexadecimal AlgId for ObjectId to look up AlgorithmName -- Algorithm Name for ObjectId to look up DisplayName -- Display Name to store in DS %1 -- delete display name LanguageId -- Language Id (defaults to current: %2) Type -- DS object type to create: 1 for Template (default), 2 for Issuance Policy, 3 for Application Policy Use %3 to create DS object. |
ObjectId -- ObjectId to display or to add display name GroupId -- decimal GroupId number for ObjectIds to enumerate AlgId -- hexadecimal AlgId for ObjectId to look up AlgorithmName -- Algorithm Name for ObjectId to look up DisplayName -- Display Name to store in DS %1 -- delete display name LanguageId -- Language Id (defaults to current: %2) Type -- DS object type to create: 1 for Template (default), 2 for Issuance Policy, 3 for Application Policy Use %3 to create DS object. |
358 | -- Indexed | -- Indexed |
359 | Input Length = %d | Input Length = %d |
360 | No Key Authority serial number | No Key Authority serial number |
361 | Output Length = %d | Output Length = %d |
362 | DecodeFile returned %ws | DecodeFile returned %ws |
363 | EncodeToFile returned %ws | EncodeToFile returned %ws |
364 | Issuer | Issuer |
365 | Subject | Subject |
366 | ERROR: CA Issuer name does not match Key Authority name (%x) | ERROR: CA Issuer name does not match Key Authority name (%x) |
367 | CA Issuer name matches Key Authority name | CA Issuer name matches Key Authority name |
368 | No Key Authority name | No Key Authority name |
369 | ERROR: Issuer serial number does not match Key Authority | ERROR: Issuer serial number does not match Key Authority |
370 | Issuer serial number matches Key Authority | Issuer serial number matches Key Authority |
371 | Issuer Name | Issuer Name |
372 | KeyAuthority Name | KeyAuthority Name |
373 | KeyId: | KeyId: |
374 | Key Authority SerialNumber: | Key Authority SerialNumber: |
375 | CA Serial Number: | CA Serial Number: |
376 | Process: | Process: |
377 | [DomainDN | -] | [DomainDN | -] |
378 | LoadKeys returned %ws | LoadKeys returned %ws |
379 | LoadCert returned %ws | LoadCert returned %ws |
380 | ERROR: Certificate public key does NOT match stored keyset | ERROR: Certificate public key does NOT match stored keyset |
381 | Container Public Key: | Container Public Key: |
382 | Certificate Public Key: | Certificate Public Key: |
383 | Key "%ws" verifies as the public key for Certificate "%ws" | Key "%ws" verifies as the public key for Certificate "%ws" |
384 | Key "%ws" does NOT verify as the public key for Certificate "%ws" | Key "%ws" does NOT verify as the public key for Certificate "%ws" |
385 | Leaf certificate is REVOKED (Reason=%x) | Leaf certificate is REVOKED (Reason=%x) |
386 | ERROR: Verifying leaf certificate revocation status returned %ws | ERROR: Verifying leaf certificate revocation status returned %ws |
387 | Cannot check leaf certificate revocation status | Cannot check leaf certificate revocation status |
388 | Leaf certificate revocation check passed | Leaf certificate revocation check passed |
389 | LoadCert(Cert) returned %ws | LoadCert(Cert) returned %ws |
390 | LoadCert(CA) returned %ws | LoadCert(CA) returned %ws |
391 | Cert | Cert |
392 | Issuing CA Cert | Issuing CA Cert |
393 | Cert Serial Number: | Cert Serial Number: |
394 | Issuing CA Cert Serial Number: | Issuing CA Cert Serial Number: |
395 | Issuing CA is not a root: Subject name does not match Issuer | Issuing CA is not a root: Subject name does not match Issuer |
396 | ERROR: Issuing CA Subject name does not match Cert Issuer | ERROR: Issuing CA Subject name does not match Cert Issuer |
397 | Issuing CA Subject name matches Cert Issuer | Issuing CA Subject name matches Cert Issuer |
398 | CertVerifySubjectCertificateContext Flags = %x -- | CertVerifySubjectCertificateContext Flags = %x -- |
399 | ERROR: Certificate validation failure: %x | ERROR: Certificate validation failure: %x |
400 | ERROR: CA did not issue Certificate: Signature check failed | ERROR: CA did not issue Certificate: Signature check failed |
401 | ERROR: Certificate has expired | ERROR: Certificate has expired |
402 | Certificate is current | Certificate is current |
403 | Contains CRL_DIST_POINTS revocation-check extension | Contains CRL_DIST_POINTS revocation-check extension |
404 | Contains NETSCAPE_REVOCATION_URL revocation-check extension | Contains NETSCAPE_REVOCATION_URL revocation-check extension |
405 | Certificate has no revocation-check extension | Certificate has no revocation-check extension |
406 | %ws verifies as issued by %ws | %ws verifies as issued by %ws |
407 | %ws does NOT verify (issued by %ws) | %ws does NOT verify (issued by %ws) |
408 | -- Revocation check skipped. | -- Revocation check skipped. |
409 | -- Revocation check passed. | -- Revocation check passed. |
410 | -- Revocation check: REVOKED. | -- Revocation check: REVOKED. |
411 | -- Revocation check FAILED. | -- Revocation check FAILED. |
412 | Signature matches Public Key | Signature matches Public Key |
413 | CRL Entries: | CRL Entries: |
414 | Cert: | Cert: |
415 | ??? | ??? |
416 | Suspect length in | Suspect length in |
417 | : field=%ws | : field=%ws |
418 | , oid=%ws | , oid=%ws |
419 | Extension %d: oid="%hs" fcrit=%u length=%x | Extension %d: oid="%hs" fcrit=%u length=%x |
420 | Signature does not match Public key: %x | Signature does not match Public key: %x |
421 | Cannot decode object: %ws | Cannot decode object: %ws |
422 | Algorithm ObjectId | Algorithm ObjectId |
423 | Algorithm Parameters: | Algorithm Parameters: |
424 | NULL | NULL |
425 | Public Key: UnusedBits = %u | Public Key: UnusedBits = %u |
426 | ChallengeString: "%ws" | ChallengeString: "%ws" |
427 | Config String: "%ws" | Config String: "%ws" |
428 | ICertGetConfig Config String: "%ws" | ICertGetConfig Config String: "%ws" |
429 | Certificate request is pending: RequestId: %u | Certificate request is pending: RequestId: %u |
430 | Certificate issued. | Certificate issued. |
431 | Certificate has not been issued: Disposition: %d -- %ws | Certificate has not been issued: Disposition: %d -- %ws |
432 | Certificate disposition for "%ws" is invalid | Certificate disposition for "%ws" is invalid |
433 | Certificate disposition for "%ws" is valid | Certificate disposition for "%ws" is valid |
434 | Certificate disposition for "%ws" is revoked (%ws) | Certificate disposition for "%ws" is revoked (%ws) |
435 | Date | Date |
436 | Long | Long |
437 | String | String |
438 | Binary | Binary |
439 | Schema: | Schema: |
440 | Row %u: | Row %u: |
441 | Opening Database %ws | Opening Database %ws |
442 | EMPTY | EMPTY |
443 | error = %ws | error = %ws |
444 | , | , |
445 | Any Format | Any Format |
446 | PKCS10 | PKCS10 |
447 | KeyGen Tag | KeyGen Tag |
448 | PKCS7 | PKCS7 |
449 | Unknown | Unknown |
450 | Force Teletex | Force Teletex |
451 | Renewal | Renewal |
452 | Critical | Critical |
453 | Disabled | Disabled |
454 | PolicyFlags=%x | PolicyFlags=%x |
455 | Request | Request |
456 | Policy | Policy |
457 | Admin | Admin |
458 | Server | Server |
459 | UNKNOWN | UNKNOWN |
460 | Origin=%ws | Origin=%ws |
461 | ???=%x | ???=%x |
462 | Get configuration via ICertConfig | Get configuration via ICertConfig |
463 | Request Properties: | Request Properties: |
464 | Certificate Properties: | Certificate Properties: |
465 | Command Line | Command Line |
466 | Sanitized Name: | Sanitized Name: |
467 | %ws: Flags = %x%ws, Length = %x | %ws: Flags = %x%ws, Length = %x |
468 | Expected at least %u args, received %u | Expected at least %u args, received %u |
469 | Expected no more than %u args, received %u | Expected no more than %u args, received %u |
470 | No active Certification Authorities found: %ws | No active Certification Authorities found: %ws |
471 | %ws: -%ws command FAILED: %ws | %ws: -%ws command FAILED: %ws |
473 | None | None |
474 | Other | Other |
476 | IssuerRDN | IssuerRDN |
477 | IssuerRDNAttribute | IssuerRDNAttribute |
478 | IssuerRDNString | IssuerRDNString |
480 | SubjectRDN | SubjectRDN |
481 | SubjectRDNAttribute | SubjectRDNAttribute |
482 | SubjectRDNString | SubjectRDNString |
483 | Extensions | Extensions |
484 | ExtensionArray | ExtensionArray |
485 | Extension | Extension |
486 | ExtensionValue | ExtensionValue |
487 | ExtensionValueRaw | ExtensionValueRaw |
488 | No key provider information | No key provider information |
489 | Dump Certificate View | Dump Certificate View |
490 | %ws added to DS store. | %ws added to DS store. |
491 | Ping Active Directory Certificate Services Request interface | Ping Active Directory Certificate Services Request interface |
492 | Ping Active Directory Certificate Services Admin interface | Ping Active Directory Certificate Services Admin interface |
493 | Name: | Name: |
494 | Organizational Unit: | Organizational Unit: |
495 | Organization: | Organization: |
496 | Locality: | Locality: |
497 | State: | State: |
498 | Country/region: | Country/region: |
499 | Config: | Config: |
500 | Exchange Certificate: | Exchange Certificate: |
501 | Signature Certificate: | Signature Certificate: |
502 | Description: | Description: |
503 | Server: | Server: |
504 | Authority: | Authority: |
505 | Entry | Entry |
506 | Certificate Extensions: | Certificate Extensions: |
507 | Request Attributes: | Request Attributes: |
508 | Shutdown Active Directory Certificate Services | Shutdown Active Directory Certificate Services |
509 | Command Status | Command Status |
510 | Dump Certificate Schema | Dump Certificate Schema |
511 | Command Succeeded | Command Succeeded |
512 | Password | Password |
513 | X509 Certificate: | X509 Certificate: |
514 | X509 Certificate Revocation List: | X509 Certificate Revocation List: |
515 | PKCS10 Certificate Request: | PKCS10 Certificate Request: |
516 | KeyGen Certificate Request: | KeyGen Certificate Request: |
517 | Version: %u | Version: %u |
518 | Serial Number: | Serial Number: |
519 | Signature Algorithm: | Signature Algorithm: |
520 | Public Key Algorithm: | Public Key Algorithm: |
521 | Issuer Unique Id: | Issuer Unique Id: |
522 | Subject Unique Id: | Subject Unique Id: |
523 | NotBefore: | NotBefore: |
524 | NotAfter: | NotAfter: |
525 | ThisUpdate: | ThisUpdate: |
526 | NextUpdate: | NextUpdate: |
527 | Revocation Date: | Revocation Date: |
528 | Extensions: | Extensions: |
529 | CRL Extensions: | CRL Extensions: |
530 | PKCS7 Message: | PKCS7 Message: |
531 | Possible Root Certificate: Subject matches Issuer, but Signature check fails: %x | Possible Root Certificate: Subject matches Issuer, but Signature check fails: %x |
532 | Non-root Certificate | Non-root Certificate |
533 | Root Certificate: Subject matches Issuer | Root Certificate: Subject matches Issuer |
534 | Non-root Certificate uses same Public Key as Issuer | Non-root Certificate uses same Public Key as Issuer |
535 | Revoking "%ws" | Revoking "%ws" |
536 | Enter PFX password: | Enter PFX password: |
537 | No built-in formatting support | No built-in formatting support |
538 | Private Key: | Private Key: |
539 | Length | Length |
540 | Display times as GMT | Display times as GMT |
541 | GMT | GMT |
542 | BackupDirectory | BackupDirectory |
543 | Backup Active Directory Certificate Services certificate and private key | Backup Active Directory Certificate Services certificate and private key |
544 | BackupDirectory | PFXFile | BackupDirectory | PFXFile |
545 | Restore Active Directory Certificate Services certificate and private key | Restore Active Directory Certificate Services certificate and private key |
546 | [CertificateStoreName [CertId [OutputFile]]] | [CertificateStoreName [CertId [OutputFile]]] |
547 | Dump certificate store | Dump certificate store |
548 | ProviderType = %x | ProviderType = %x |
549 | Key Container = %ws | Key Container = %ws |
550 | Provider = %ws | Provider = %ws |
551 | KeySpec = %x | KeySpec = %x |
552 | Flags | Flags |
553 | Restored keys and certificates for %ws\%ws from %ws. | Restored keys and certificates for %ws\%ws from %ws. |
554 | Backed up keys and certificates for %ws\%ws to %ws. | Backed up keys and certificates for %ws\%ws to %ws. |
555 | [CACertFile] | [CACertFile] |
556 | Install Certification Authority certificate | Install Certification Authority certificate |
557 | PKCS7 Message Content: | PKCS7 Message Content: |
558 | Authenticated Attributes | Authenticated Attributes |
559 | Signing Certificate Index | Signing Certificate Index |
560 | ================ Begin Nesting Level %d ================ | ================ Begin Nesting Level %d ================ |
561 | ---------------- End Nesting Level %d ---------------- | ---------------- End Nesting Level %d ---------------- |
562 | %ws: Lang %08x (%u.%u) | %ws: Lang %08x (%u.%u) |
563 | File %u.%u:%u.%u | File %u.%u:%u.%u |
564 | Product %u.%u:%u.%u |
Product %u.%u:%u.%u |
565 | No Signer | No Signer |
566 | No PKCS7 Message Content | No PKCS7 Message Content |
567 | No Certificates | No Certificates |
568 | No CRLs | No CRLs |
569 | Certificates: | Certificates: |
570 | CRLs: | CRLs: |
571 | Renewal Certificate: | Renewal Certificate: |
572 | Encrypted Hash: | Encrypted Hash: |
573 | %d attributes: | %d attributes: |
574 | Attribute | Attribute |
575 | Value[%d][%d], Length = %x | Value[%d][%d], Length = %x |
576 | BackupDirectory [%1] [%2] | BackupDirectory [%1] [%2] |
577 | Backup Active Directory Certificate Services database | Backup Active Directory Certificate Services database |
579 | Restore Active Directory Certificate Services database | Restore Active Directory Certificate Services database |
580 | Reason: Unspecified | Reason: Unspecified |
581 | Reason: Key Compromise | Reason: Key Compromise |
582 | Reason: CA Compromise | Reason: CA Compromise |
583 | Reason: Affiliation Changed | Reason: Affiliation Changed |
584 | Reason: Superseded | Reason: Superseded |
585 | Reason: Cessation of Operation | Reason: Cessation of Operation |
586 | Reason: Certificate Hold | Reason: Certificate Hold |
587 | Reason: Remove From CRL | Reason: Remove From CRL |
588 | List CSPs installed on this machine | List CSPs installed on this machine |
589 | Test CSPs installed on this machine | Test CSPs installed on this machine |
590 | [Algorithm] | [Algorithm] |
591 | Use silent flag to acquire crypt context | Use silent flag to acquire crypt context |
592 | %1 -- Request queue %2 -- Issued or revoked certificates, plus failed requests %3 -- Failed requests %4 -- Revoked certificates %5 -- Extension table %6 -- Attribute table %7 -- CRL table %8 -- Output as Comma Separated Values To display the StatusCode column for all entries: -out StatusCode To display all columns for the last entry: -restrict "RequestId==$" To display RequestId and Disposition for three requests: -restrict "RequestId=37,RequestId |
%1 -- Request queue %2 -- Issued or revoked certificates, plus failed requests %3 -- Failed requests %4 -- Revoked certificates %5 -- Extension table %6 -- Attribute table %7 -- CRL table %8 -- Output as Comma Separated Values To display the StatusCode column for all entries: -out StatusCode To display all columns for the last entry: -restrict "RequestId==$" To display RequestId and Disposition for three requests: -restrict "RequestId=37,RequestId |
593 | [ObjectId | %1 | %2 [CommonName]] | [ObjectId | %1 | %2 [CommonName]] |
594 | Active | Active |
595 | Pending | Pending |
596 | Issued | Issued |
597 | Revoked | Revoked |
598 | Error | Error |
599 | Denied | Denied |
600 | Renewal Cert | Renewal Cert |
601 | Stop and Start Active Directory Certificate Services to complete database restore from %ws. | Stop and Start Active Directory Certificate Services to complete database restore from %ws. |
602 | Server ICertAdmin%ws interface is alive | Server ICertAdmin%ws interface is alive |
603 | Cannot open Active Directory Certificate Services database: %ws. | Cannot open Active Directory Certificate Services database: %ws. |
604 | The Certification Authority service must be stopped for direct database access. | The Certification Authority service must be stopped for direct database access. |
605 | (Local) | (Local) |
606 | %ws: No local Certification Authority; use -config option | %ws: No local Certification Authority; use -config option |
607 | Reason: Unrevoke | Reason: Unrevoke |
608 | This might be caused by: Inaccessible server No permissions on server Server not in the expected state |
This might be caused by: Inaccessible server No permissions on server Server not in the expected state |
609 | Dump PFX structure | Dump PFX structure |
610 | Server "%ws" ICertRequest%ws interface is alive %ws | Server "%ws" ICertRequest%ws interface is alive %ws |
611 | Connecting to %ws ... | Connecting to %ws ... |
612 | Use HKEY_CURRENT_USER keys or certificate store | Use HKEY_CURRENT_USER keys or certificate store |
613 | ================ Certificate %d ================ | ================ Certificate %d ================ |
614 | Enter new password: | Enter new password: |
615 | Confirm new password: | Confirm new password: |
616 | Password differs -- please try again | Password differs -- please try again |
617 | Missing stored keyset | Missing stored keyset |
619 | Backup Active Directory Certificate Services | Backup Active Directory Certificate Services |
621 | Restore Active Directory Certificate Services | Restore Active Directory Certificate Services |
622 | CertificateStoreName InFile | CertificateStoreName InFile |
623 | Add certificate to store | Add certificate to store |
624 | CertificateStoreName CertId | CertificateStoreName CertId |
625 | Delete certificate from store | Delete certificate from store |
626 | CertificateStoreName [CertId] | CertificateStoreName [CertId] |
627 | Verify certificate in store | Verify certificate in store |
628 | Deleting Certificate %d: %ws | Deleting Certificate %d: %ws |
629 | Verifies against UNTRUSTED root | Verifies against UNTRUSTED root |
630 | Incomplete certificate chain | Incomplete certificate chain |
631 | Certificate is valid | Certificate is valid |
632 | Incomplete | Incomplete |
636 | Issued Out of Band | Issued Out of Band |
639 | Certificate request for "%ws" is pending | Certificate request for "%ws" is pending |
640 | Cannot add a non-root certificate to the root store | Cannot add a non-root certificate to the root store |
641 | Force overwrite | Force overwrite |
642 | Certificate or key exists. Use the "%ws" option to overwrite. | Certificate or key exists. Use the "%ws" option to overwrite. |
643 | Incremental database backup for %ws. | Incremental database backup for %ws. |
644 | Full database backup for %ws. | Full database backup for %ws. |
645 | Backed up database to %ws. | Backed up database to %ws. |
646 | Database logs were preserved. | Database logs were preserved. |
647 | Database logs successfully truncated. | Database logs successfully truncated. |
648 | Restoring database for %ws. | Restoring database for %ws. |
649 | File | File |
650 | ObjectId [DisplayName | %1 [LanguageId [Type]]] GroupId AlgId | AlgorithmName [GroupId] |
ObjectId [DisplayName | %1 [LanguageId [Type]]] GroupId AlgId | AlgorithmName [GroupId] |
651 | Display ObjectId or set display name | Display ObjectId or set display name |
652 | Unknown ObjectId | Unknown ObjectId |
653 | Certfile [%1] | Certfile [%1] |
654 | Import a certificate file into the database | Import a certificate file into the database |
655 | Imported Certificate, Assigned RequestId %i. | Imported Certificate, Assigned RequestId %i. |
656 | Revocation check skipped -- server offline | Revocation check skipped -- server offline |
657 | Revocation check skipped -- no revocation information available | Revocation check skipped -- no revocation information available |
658 | Display dynamic file List | Display dynamic file List |
659 | [{%1|%2|%3|%4|%5|%6|%7|%8}\[%9\]][RegistryValueName] | [{%1|%2|%3|%4|%5|%6|%7|%8}\[%9\]][RegistryValueName] |
660 | Display registry value | Display registry value |
661 | [{%1|%2|%3|%4|%5|%6|%7|%8}\[%9\]]RegistryValueName Value | [{%1|%2|%3|%4|%5|%6|%7|%8}\[%9\]]RegistryValueName Value |
662 | Set registry value | Set registry value |
663 | Old Value: | Old Value: |
664 | New Value: | New Value: |
665 | AltName: %u entries: | AltName: %u entries: |
666 | AltName | AltName |
667 | Display database locations | Display database locations |
668 | Not a valid backup target directory: %ws. | Not a valid backup target directory: %ws. |
669 | Not a valid backup directory: %ws. | Not a valid backup directory: %ws. |
670 | Backup content verification failed: %ws. | Backup content verification failed: %ws. |
671 | Incremental database restore for %ws. | Incremental database restore for %ws. |
672 | Full database restore for %ws. | Full database restore for %ws. |
673 | Imported Cert | Imported Cert |
674 | ERROR: Cert is not yet valid | ERROR: Cert is not yet valid |
675 | ERROR: Cert has expired | ERROR: Cert has expired |
676 | ERROR: Cert Valid before issuing CA Cert Valid | ERROR: Cert Valid before issuing CA Cert Valid |
677 | ERROR: Cert Expires after issuing CA Cert Expires | ERROR: Cert Expires after issuing CA Cert Expires |
678 | Decoded extra Extension Array encoding layer (Teletex string) | Decoded extra Extension Array encoding layer (Teletex string) |
679 | ErrorCode | ErrorCode |
680 | Display error code message text | Display error code message text |
681 | Create/delete web virtual roots and file shares | Create/delete web virtual roots and file shares |
682 | Web Virtual Root %ws | Web Virtual Root %ws |
683 | File Share %ws | File Share %ws |
684 | Created | Created |
685 | Deleted | Deleted |
686 | Already Exists | Already Exists |
687 | Not Found | Not Found |
688 | Create Error | Create Error |
689 | Delete Error | Delete Error |
690 | Not Supported. The virtual directory cannot be created because the "IIS 6 Metabase Compatibility" role service is not installed. Install the "IIS 6 Metabase Compatibility" role service and run the command again. | Not Supported. The virtual directory cannot be created because the "IIS 6 Metabase Compatibility" role service is not installed. Install the "IIS 6 Metabase Compatibility" role service and run the command again. |
691 | [%1] | [%1] |
692 | Backing up Database files | Backing up Database files |
693 | Backing up Log files | Backing up Log files |
694 | Truncating Logs | Truncating Logs |
695 | Restoring Database files | Restoring Database files |
696 | Restoring Log files | Restoring Log files |
697 | Maximum Row Index | Maximum Row Index |
698 | CA Cert | CA Cert |
699 | CA Cert Chain | CA Cert Chain |
700 | Characters | Characters |
701 | OVERFLOW: | OVERFLOW: |
702 | Repeated "-%ws" option | Repeated "-%ws" option |
703 | Config string must include Authority name | Config string must include Authority name |
704 | CertFile -- certificate file to publish %1 -- Publish cert to DS Enterprise store %2 -- Publish cert to DS Trusted Root store %3 -- Publish CA cert to DS CA object %4 -- Publish cross cert to DS CA object %5 -- Publish cert to DS Key Recovery Agent object %6 -- Publish cert to User DS object %7 -- Publish cert to Machine DS object CRLFile -- CRL file to publish DSCDPContainer -- DS CDP container CN, usually the CA machine name DSCDPCN -- DS CDP object CN, usually based on the sanitized CA short name and key index Use %8 to create DS object. |
CertFile -- certificate file to publish %1 -- Publish cert to DS Enterprise store %2 -- Publish cert to DS Trusted Root store %3 -- Publish CA cert to DS CA object %4 -- Publish cross cert to DS CA object %5 -- Publish cert to DS Key Recovery Agent object %6 -- Publish cert to User DS object %7 -- Publish cert to Machine DS object CRLFile -- CRL file to publish DSCDPContainer -- DS CDP container CN, usually the CA machine name DSCDPCN -- DS CDP object CN, usually based on the sanitized CA short name and key index Use %8 to create DS object. |
705 | Ensure the server is correctly installed and retry. | Ensure the server is correctly installed and retry. |
706 | Connecting to data source %hs as user %hs | Connecting to data source %hs as user %hs |
707 | Failed to connect to data source 0x%08x (%d) | Failed to connect to data source 0x%08x (%d) |
708 | Converted %u rows | Converted %u rows |
709 | Skipped %u rows that already exist in new Database | Skipped %u rows that already exist in new Database |
710 | Skipped %u rows not issued by this Certification Authority | Skipped %u rows not issued by this Certification Authority |
711 | Converting Row %u | Converting Row %u |
712 | Row %u -- Skipping duplicate Serial Number: %ws | Row %u -- Skipping duplicate Serial Number: %ws |
713 | Row %u -- Skipping entry not issued by this Certification Authority: %ws | Row %u -- Skipping entry not issued by this Certification Authority: %ws |
714 | Converting source row %u to target row %u | Converting source row %u to target row %u |
715 | Begin names table entries for %u.%u | Begin names table entries for %u.%u |
716 | End names table entries for %u.%u | End names table entries for %u.%u |
717 | Get SMTP info | Get SMTP info |
718 | LogonName | LogonName |
719 | Set SMTP info | Set SMTP info |
720 | %u Rows | %u Rows |
721 | Row Properties | Row Properties |
722 | Request Attributes | Request Attributes |
723 | Certificate Extensions | Certificate Extensions |
724 | Total Fields | Total Fields |
725 | %4u %ws, Total Size = %u, Max Size = %u, Ave Size = %u | %4u %ws, Total Size = %u, Max Size = %u, Ave Size = %u |
726 | Private key is NOT exportable | Private key is NOT exportable |
727 | Enterprise Root CA | Enterprise Root CA |
728 | Enterprise Subordinate CA | Enterprise Subordinate CA |
729 | Stand-alone Root CA | Stand-alone Root CA |
730 | Stand-alone Subordinate CA | Stand-alone Subordinate CA |
731 | Unknown CA Type: %u | Unknown CA Type: %u |
732 | [%1] [Machine\ParentCAName] | [%1] [Machine\ParentCAName] |
733 | Renew Certification Authority certificate | Renew Certification Authority certificate |
734 | Cert Hash(%ws): | Cert Hash(%ws): |
735 | Error message text: %ws | Error message text: %ws |
736 | ================ CRL %d ================ | ================ CRL %d ================ |
737 | Deleting CRL %d: %ws | Deleting CRL %d: %ws |
738 | CA Certs: %u | CA Certs: %u |
739 | Keys: | Keys: |
740 | Values: | Values: |
741 | Load(CRL) returned %ws | Load(CRL) returned %ws |
742 | CRL | CRL |
743 | ERROR: CRL is not yet valid | ERROR: CRL is not yet valid |
744 | ERROR: CRL has expired | ERROR: CRL has expired |
745 | ERROR: CRL Valid before issuing CA Cert Valid | ERROR: CRL Valid before issuing CA Cert Valid |
746 | ERROR: CRL Expires after issuing CA Cert Expires | ERROR: CRL Expires after issuing CA Cert Expires |
747 | ERROR: Issuing CA Subject name does not match CRL Issuer | ERROR: Issuing CA Subject name does not match CRL Issuer |
748 | Issuing CA Subject name matches CRL Issuer | Issuing CA Subject name matches CRL Issuer |
749 | ERROR: CA did not issue CRL: Signature check failed | ERROR: CA did not issue CRL: Signature check failed |
750 | CRL signature is valid | CRL signature is valid |
751 | CA Key Id matches Key Id | CA Key Id matches Key Id |
752 | ERROR: CA Key Id does not match Key Id | ERROR: CA Key Id does not match Key Id |
753 | No Key Id | No Key Id |
755 | Unavailable | Unavailable |
756 | Error: No CRL for this Cert | Error: No CRL for this Cert |
758 | Valid | Valid |
759 | Expired | Expired |
760 | Under Submission | Under Submission |
762 | [KeyContainerName | -] | [KeyContainerName | -] |
763 | List key containers | List key containers |
764 | KeyContainerName | KeyContainerName |
765 | Delete named key container | Delete named key container |
766 | Certificate is REVOKED | Certificate is REVOKED |
767 | CA cert verify status | CA cert verify status |
768 | Flags: | Flags: |
769 | ERROR: Certificate public key does NOT match private key | ERROR: Certificate public key does NOT match private key |
770 | Signature test passed | Signature test passed |
771 | Signature test FAILED | Signature test FAILED |
772 | Display DS Certificates | Display DS Certificates |
773 | [FullDSDN] | [CertId [OutFile]] | [FullDSDN] | [CertId [OutFile]] |
774 | Display DS CRLs | Display DS CRLs |
775 | [FullDSDN] | [CRLIndex [OutFile]] | [FullDSDN] | [CRLIndex [OutFile]] |
776 | [CN] | [CN] |
777 | Display DS DNs | Display DS DNs |
778 | CN | CN |
779 | Delete DS DNs | Delete DS DNs |
780 | Deleting | Deleting |
781 | [InfoName [Index | ErrorCode]] | [InfoName [Index | ErrorCode]] |
782 | Display CA Information | Display CA Information |
783 | InfoName argument syntax: | InfoName argument syntax: |
785 | [Index] | [Index] |
786 | Force UTF-8 | Force UTF-8 |
787 | Signature: UnusedBits=%u | Signature: UnusedBits=%u |
788 | Short Name: | Short Name: |
789 | Sanitized Short Name: | Sanitized Short Name: |
790 | SMIME Capabilities: | SMIME Capabilities: |
791 | Request File: | Request File: |
792 | PKCS7 Attribute | PKCS7 Attribute |
793 | No Signature | No Signature |
794 | Certificate Sequence: | Certificate Sequence: |
795 | Cannot find certificate: | Cannot find certificate: |
796 | Valid Encrypted Key Hash | Valid Encrypted Key Hash |
797 | [%1 | %2 | %3] | [%1 | %2 | %3] |
798 | [%1 | %2 | %3 | %4 | %5 | %6 | %7] [%8] | [%1 | %2 | %3 | %4 | %5 | %6 | %7] [%8] |
800 | Display DS Delta CRLs | Display DS Delta CRLs |
801 | Display times with seconds and milliseconds | Display times with seconds and milliseconds |
802 | ERROR: CA Cert has no Basic Constraints2 Extension | ERROR: CA Cert has no Basic Constraints2 Extension |
803 | ERROR: Cannot decode CA Cert Basic Constraints2 Extension | ERROR: Cannot decode CA Cert Basic Constraints2 Extension |
804 | ERROR: CA Cert is an End Entity certificate | ERROR: CA Cert is an End Entity certificate |
805 | Cert is a CA certificate | Cert is a CA certificate |
806 | Cert is an End Entity certificate | Cert is an End Entity certificate |
807 | Element %u: | Element %u: |
808 | CMC | CMC |
809 | Certificate is NOT valid: %ws | Certificate is NOT valid: %ws |
810 | Encryption test passed | Encryption test passed |
811 | Encryption test FAILED | Encryption test FAILED |
812 | Use V1 interfaces | Use V1 interfaces |
813 | File version | File version |
814 | Product version | Product version |
815 | Exit module count | Exit module count |
816 | Exit module description | Exit module description |
817 | Policy module description | Policy module description |
818 | CA name | CA name |
819 | Sanitized CA name | Sanitized CA name |
820 | Shared folder | Shared folder |
821 | CA type | CA type |
822 | Parent CA | Parent CA |
823 | CA cert count | CA cert count |
824 | CA cert | CA cert |
825 | CA cert chain | CA cert chain |
826 | CA exchange cert count | CA exchange cert count |
827 | CA exchange cert | CA exchange cert |
828 | CA exchange cert chain | CA exchange cert chain |
829 | Base CRL | Base CRL |
830 | Delta CRL | Delta CRL |
833 | CA info | CA info |
834 | Display CA Property Type Information | Display CA Property Type Information |
835 | Use ICertAdmin2 for CA Properties | Use ICertAdmin2 for CA Properties |
836 | Maximum CA PropId | Maximum CA PropId |
837 | Select a certificate from a selection UI | Select a certificate from a selection UI |
838 | Certificate List | Certificate List |
839 | List certificates | List certificates |
840 | List certificates for ObjectId | List certificates for ObjectId |
841 | List Enrollment Registration Authority certificates | List Enrollment Registration Authority certificates |
842 | List Key Recovery Agent certificates | List Key Recovery Agent certificates |
843 | Key Id Hash(%ws): | Key Id Hash(%ws): |
844 | CMS Certificate Request: | CMS Certificate Request: |
845 | CMS Response: | CMS Response: |
846 | Tagged Attributes: | Tagged Attributes: |
847 | Tagged Content Info: | Tagged Content Info: |
848 | Tagged Requests: | Tagged Requests: |
849 | Tagged Other Messages: | Tagged Other Messages: |
850 | UNKNOWN Request Choice | UNKNOWN Request Choice |
851 | Body Part Id: | Body Part Id: |
852 | Cannot load key: %ws | Cannot load key: %ws |
853 | Expired certificate | Expired certificate |
854 | Unauthenticated Attributes | Unauthenticated Attributes |
855 | Content Type | Content Type |
856 | Data Reference | Data Reference |
857 | Cert Reference | Cert Reference |
858 | Value | Value |
859 | UNKNOWN Tagged Attribute | UNKNOWN Tagged Attribute |
860 | Signer Count | Signer Count |
861 | Signer Info | Signer Info |
862 | Hash Algorithm: | Hash Algorithm: |
863 | Encrypted Hash Algorithm: | Encrypted Hash Algorithm: |
864 | Stored Hash%ws: | Stored Hash%ws: |
865 | Computed Hash%ws: | Computed Hash%ws: |
866 | CMC Attribute | CMC Attribute |
867 | Exchange Authority Information Access | Exchange Authority Information Access |
868 | Exchange Version | Exchange Version |
869 | InFile [HashAlgorithm] | InFile [HashAlgorithm] |
870 | Generate and display cryptographic hash over a file | Generate and display cryptographic hash over a file |
871 | %ws hash of file %ws: | %ws hash of file %ws: |
872 | CA Key Exchange Certificate | CA Key Exchange Certificate |
873 | Pass | Pass |
874 | No Recipient | No Recipient |
875 | Recipient Count | Recipient Count |
876 | Recipient Info | Recipient Info |
877 | DNS Name | DNS Name |
878 | SearchToken [RecoveryBlobOutFile] SearchToken %1 OutputScriptFile SearchToken %2 | %3 OutputFileBaseName |
SearchToken [RecoveryBlobOutFile] SearchToken %1 OutputScriptFile SearchToken %2 | %3 OutputFileBaseName |
879 | Retrieve archived private key recovery blob, generate a recovery script, or recover archived keys |
Retrieve archived private key recovery blob, generate a recovery script, or recover archived keys |
880 | RecoveryBlobInFile [PFXOutFile [RecipientIndex]] | RecoveryBlobInFile [PFXOutFile [RecipientIndex]] |
881 | Recover archived private key | Recover archived private key |
882 | [File] |
[File] |
883 | Decrypted PKCS7 Message Content | Decrypted PKCS7 Message Content |
884 | Cannot decrypt message content. | Cannot decrypt message content. |
885 | Key recovery requires one of the following certificates and its private key: | Key recovery requires one of the following certificates and its private key: |
886 | User Certificate: | User Certificate: |
887 | Algorithm Class | Algorithm Class |
888 | Algorithm Type | Algorithm Type |
889 | Algorithm Sub-id | Algorithm Sub-id |
890 | CMC Status Info | CMC Status Info |
891 | Body Part Id Reference | Body Part Id Reference |
892 | Status String | Status String |
893 | Other Info Choice | Other Info Choice |
894 | Fail Info | Fail Info |
895 | Pend Token: | Pend Token: |
896 | Pend Time | Pend Time |
897 | CertFile [%1 | %2 | %3 | %4 | %5 | %6 | %7] CRLFile [DSCDPContainer [DSCDPCN]] |
CertFile [%1 | %2 | %3 | %4 | %5 | %6 | %7] CRLFile [DSCDPContainer [DSCDPCN]] |
898 | Publish certificate or CRL to Active Directory | Publish certificate or CRL to Active Directory |
899 | Could not load Certificate or CRL from file (%ws) | Could not load Certificate or CRL from file (%ws) |
900 | User | User |
901 | Authenticated Session | Authenticated Session |
902 | Smartcard Logon | Smartcard Logon |
903 | Basic EFS | Basic EFS |
904 | Administrator | Administrator |
905 | EFS Recovery Agent | EFS Recovery Agent |
906 | Code Signing | Code Signing |
907 | Trust List Signing | Trust List Signing |
908 | Computer | Computer |
909 | Domain Controller | Domain Controller |
910 | Web Server | Web Server |
911 | KDC | KDC |
912 | Root Certification Authority | Root Certification Authority |
913 | Subordinate Certification Authority | Subordinate Certification Authority |
914 | Enrollment Agent | Enrollment Agent |
915 | Smartcard User | Smartcard User |
917 | User Signature Only | User Signature Only |
919 | The value for the following key is incorrect in the INF file. It should be a non-zero numeric value. | The value for the following key is incorrect in the INF file. It should be a non-zero numeric value. |
923 | IPSec | IPSec |
924 | The value for RenewalValidityPeriodUnits is incorrect in CAPolicy.inf. It should be a non-zero numeric value. | The value for RenewalValidityPeriodUnits is incorrect in CAPolicy.inf. It should be a non-zero numeric value. |
925 | IPSec (Offline request) | IPSec (Offline request) |
926 | The value for RenewalValidityPeriod is incorrect in CAPolicy.inf. It should be one of the following: Years, Months, Weeks or Days (in English). | The value for RenewalValidityPeriod is incorrect in CAPolicy.inf. It should be one of the following: Years, Months, Weeks or Days (in English). |
927 | Router (Offline request) | Router (Offline request) |
928 | req | req |
929 | Open Request File | Open Request File |
930 | Request Files (*.req; *.txt; *.cmc; *.der)|*.req;*.txt;*.cmc;*.der|Certificate Files(*.cer; *.crt; *.der)|*.cer;*.crt;*.der|All Files (*.*)|*.*|| | Request Files (*.req; *.txt; *.cmc; *.der)|*.req;*.txt;*.cmc;*.der|Certificate Files(*.cer; *.crt; *.der)|*.cer;*.crt;*.der|All Files (*.*)|*.*|| |
931 | Please enter a computer name. | Please enter a computer name. |
932 | Please make sure there is a running CA on the computer. | Please make sure there is a running CA on the computer. |
933 | There is no matched CA on the computer. This might be caused by the computer being offline. Please contact the system administrator or select a different CA. | There is no matched CA on the computer. This might be caused by the computer being offline. Please contact the system administrator or select a different CA. |
934 | Cannot ping the selected CA. Please make sure the CA is running. | Cannot ping the selected CA. Please make sure the CA is running. |
935 | Exchange Enrollment Agent (Offline request) | Exchange Enrollment Agent (Offline request) |
936 | Exchange User | Exchange User |
937 | Exchange Signature Only | Exchange Signature Only |
938 | There are no published CAs available. Please contact the system administrator or select a CA by name. | There are no published CAs available. Please contact the system administrator or select a CA by name. |
939 | Enrollment Agent (Computer) | Enrollment Agent (Computer) |
940 | Save Request File | Save Request File |
941 | CEP Encryption | CEP Encryption |
942 | Built Policy | Built Policy |
943 | Policy Element | Policy Element |
944 | Policy Statement Extension | Policy Statement Extension |
945 | Policy inf missing section or key | Policy inf missing section or key |
946 | Opened Policy inf | Opened Policy inf |
947 | Cannot open Policy inf | Cannot open Policy inf |
948 | Begin | Begin |
949 | End | End |
950 | Manage CA | Manage CA |
951 | Issue and Manage Certificates | Issue and Manage Certificates |
952 | Manage Audit Logs | Manage Audit Logs |
953 | Backup and Restore | Backup and Restore |
954 | Read | Read |
955 | Request Certificates | Request Certificates |
964 | Closed Policy inf | Closed Policy inf |
965 | Message Box | Message Box |
966 | The value for RenewalValidityPeriod is incorrect in unattended answer file. It should be one of the following: Years, Months, Weeks or Days (in English). | The value for RenewalValidityPeriod is incorrect in unattended answer file. It should be one of the following: Years, Months, Weeks or Days (in English). |
967 | Key Recovery Agent | Key Recovery Agent |
968 | CA Exchange | CA Exchange |
969 | 970 Cross Certification Authority | 970 Cross Certification Authority |
971 | Domain Controller Authentication | Domain Controller Authentication |
972 | Directory Email Replication | Directory Email Replication |
974 | You have configured this Web client to forward requests to an enterprise CA. If the CA is using the enterprise default policy module, this computer must have delegation enabled and use Kerberos authentication. To enable delegation, see 'Allow computer accounts to be trusted for delegation' help topic. |
You have configured this Web client to forward requests to an enterprise CA. If the CA is using the enterprise default policy module, this computer must have delegation enabled and use Kerberos authentication. To enable delegation, see 'Allow computer accounts to be trusted for delegation' help topic. |
976 | The Web client cannot be configured to forward requests to the selected CA. | The Web client cannot be configured to forward requests to the selected CA. |
977 | The value for the following key is incorrect in the INF file. It should be a boolean value (Yes/No/True/False/0/1). | The value for the following key is incorrect in the INF file. It should be a boolean value (Yes/No/True/False/0/1). |
978 | Workstation Authentication | Workstation Authentication |
979 | RAS and IAS Server | RAS and IAS Server |
980 | Low Assurance | Low Assurance |
981 | Medium Assurance | Medium Assurance |
982 | High Assurance | High Assurance |
983 | OCSP Response Signing | OCSP Response Signing |
984 | Kerberos Authentication | Kerberos Authentication |
1000 | Key recovery agent | Key recovery agent |
1001 | Directory e-mail replication | Directory e-mail replication |
1002 | Cross-certified certification authority | Cross-certified certification authority |
1003 | Certification authority (CA) | Certification authority (CA) |
1007 | Active Directory KRA | Active Directory KRA |
1008 | Active Directory AIA | Active Directory AIA |
1009 | Logged on user | Logged on user |
1010 | Local system | Local system |
1011 | username/password | username/password |
1012 | certificate | certificate |
1013 | windows integrated | windows integrated |
1014 | anonymous | anonymous |
1015 | unknown | unknown |
1016 | credential is private | credential is private |
2000 | Bytes | Bytes |
2001 | %ws already in DS store. | %ws already in DS store. |
2002 | Certificate | Certificate |
2003 | Subject Key Id (%ws): | Subject Key Id (%ws): |
2004 | precomputed | precomputed |
2005 | Cannot open Cert store. | Cannot open Cert store. |
2006 | Cannot open existing Cert store. Use %ws option to force Cert store creation. | Cannot open existing Cert store. Use %ws option to force Cert store creation. |
2007 | CertificateStoreName CertIdList [PropertyInfFile | SDDLSecurityDescriptor] | CertificateStoreName CertIdList [PropertyInfFile | SDDLSecurityDescriptor] |
2008 | Repair key association or update certificate properties or key security descriptor | Repair key association or update certificate properties or key security descriptor |
2009 | %d bit key | %d bit key |
2010 | Delete registry value | Delete registry value |
2011 | Cannot verify detached signature | Cannot verify detached signature |
2012 | [CertificateStoreName] CertId PFXFile [Modifiers] | [CertificateStoreName] CertId PFXFile [Modifiers] |
2013 | Export certificate and private key | Export certificate and private key |
2014 | [CertificateStoreName] PFXFile [Modifiers] | [CertificateStoreName] PFXFile [Modifiers] |
2015 | Import certificate and private key | Import certificate and private key |
2016 | [Template] | [Template] |
2017 | Display DS Template Attributes | Display DS Template Attributes |
2018 | TemplateInfFile | TemplateInfFile |
2019 | Add DS Templates | Add DS Templates |
2020 | Created DS Template | Created DS Template |
2021 | Updated DS Template | Updated DS Template |
2022 | %ws: -%ws command completed successfully. | %ws: -%ws command completed successfully. |
2023 | The %ws service may need to be restarted for changes to take effect. | The %ws service may need to be restarted for changes to take effect. |
2025 | Display Enrollment Policy templates | Display Enrollment Policy templates |
2026 | Template | Template |
2027 | Display CAs for template | Display CAs for template |
2029 | Display templates for CA | Display templates for CA |
2030 | Display user templates | Display user templates |
2031 | Display machine templates | Display machine templates |
2032 | Template Extensions: | Template Extensions: |
2033 | Enter new password for output file %ws: | Enter new password for output file %ws: |
2034 | Enter password for %ws: | Enter password for %ws: |
2035 | Encode text without CR characters | Encode text without CR characters |
2036 | InFile OutFile [type] | InFile OutFile [type] |
2037 | Encode file in hexadecimal | Encode file in hexadecimal |
2038 | Embedded ASN.1 Element: | Embedded ASN.1 Element: |
2039 | Split embedded ASN.1 elements, and save to files | Split embedded ASN.1 elements, and save to files |
2040 | Use local machine Enterprise registry certificate store | Use local machine Enterprise registry certificate store |
2041 | No root certificates found. | No root certificates found. |
2042 | Invalidity Date | Invalidity Date |
2043 | Querying %ws | Querying %ws |
2044 | Role Separation | Role Separation |
2045 | Verified Issuance Policies | Verified Issuance Policies |
2046 | Verified Application Policies | Verified Application Policies |
2047 | [URL | %1 | %2 [%3]] | [URL | %1 | %2 [%3]] |
2048 | Display or delete URL cache entries | Display or delete URL cache entries |
2049 | KRA cert count | KRA cert count |
2050 | KRA cert used count | KRA cert used count |
2051 | KRA cert | KRA cert |
2052 | Invalid ObjectId or Algorithm | Invalid ObjectId or Algorithm |
2053 | PKCS7/CMS Message: | PKCS7/CMS Message: |
2054 | No display names | No display names |
2055 | Type mismatch | Type mismatch |
2056 | Localized name | Localized name |
2057 | CSP Provider Info | CSP Provider Info |
2058 | InFileList|SerialNumber|%1 OutFileList [StartDate[+|-%9]+|-%9] [+SerialNumberList | -SerialNumberList | -ObjectIdList | @ExtensionFile] InFileList|SerialNumber|%1 OutFileList [#HashAlgorithm] [+%6 | -%6] InFileList OutFileList [%10] [%11hex data] |
InFileList|SerialNumber|%1 OutFileList [StartDate[+|-%9]+|-%9] [+SerialNumberList | -SerialNumberList | -ObjectIdList | @ExtensionFile] InFileList|SerialNumber|%1 OutFileList [#HashAlgorithm] [+%6 | -%6] InFileList OutFileList [%10] [%11hex data] |
2059 | Re-sign CRL or certificate | Re-sign CRL or certificate |
2060 | Signing certificate Subject | Signing certificate Subject |
2061 | RowId | Date [%1 | %2 | %3 | %4 | %5] | RowId | Date [%1 | %2 | %3 | %4 | %5] |
2062 | Delete server database row | Delete server database row |
2063 | Rows deleted: %u | Rows deleted: %u |
2064 | One of the following tables must be specified when deleting rows older than %ws: | One of the following tables must be specified when deleting rows older than %ws: |
2065 | The date specified is in the future: %ws | The date specified is in the future: %ws |
2066 | CRL Hash(%ws): | CRL Hash(%ws): |
2067 | Include CRLs | Include CRLs |
2068 | Full Response | Full Response |
2069 | CA cert chain with CRLs | CA cert chain with CRLs |
2070 | CA exchange cert chain with CRLs | CA exchange cert chain with CRLs |
2071 | Pulse autoenrollment event or NGC task | Pulse autoenrollment event or NGC task |
2072 | DomainName\MachineName$ | DomainName\MachineName$ |
2073 | Display Active Directory machine object information | Display Active Directory machine object information |
2074 | Machine object missing %ws attribute. | Machine object missing %ws attribute. |
2075 | Group Memberships: | Group Memberships: |
2076 | [Domain] [%1 | %2 | %3] | [Domain] [%1 | %2 | %3] |
2077 | Display domain controller information | Display domain controller information |
2078 | Enterprise Root store: %ws | Enterprise Root store: %ws |
2079 | KDC certificates: %ws | KDC certificates: %ws |
2080 | DC UNAVAILABLE: %ws | DC UNAVAILABLE: %ws |
2081 | *** Testing DC[%u]: %ws | *** Testing DC[%u]: %ws |
2082 | ** Enterprise Root Certificates for DC %ws | ** Enterprise Root Certificates for DC %ws |
2083 | ** KDC Certificates for DC %ws | ** KDC Certificates for DC %ws |
2084 | Unknown Property | Unknown Property |
2086 | Public Key Length: %u bits | Public Key Length: %u bits |
2087 | Advanced Server | Advanced Server |
2088 | CRL Publish Status | CRL Publish Status |
2089 | Delta CRL Publish Status | Delta CRL Publish Status |
2090 | Templates | Templates |
2091 | Parameter = %x | Parameter = %x |
2092 | Parameter Flags = %x | Parameter Flags = %x |
2093 | Archived! | Archived! |
2095 | Display enterprise information | Display enterprise information |
2096 | Display CA information | Display CA information |
2097 | DSS Key Length: %u bits | DSS Key Length: %u bits |
2098 | ================ CTL %d ================ | ================ CTL %d ================ |
2099 | Client Id: | Client Id: |
2100 | User: | User: |
2101 | Machine: | Machine: |
2102 | Certificate Trust List: | Certificate Trust List: |
2103 | List Identifier: | List Identifier: |
2104 | Sequence Number: | Sequence Number: |
2105 | Subject Algorithm: | Subject Algorithm: |
2106 | CTL Entries: | CTL Entries: |
2107 | Usage Entries: | Usage Entries: |
2108 | Subject Identifier%ws: | Subject Identifier%ws: |
2109 | View Certificate Store | View Certificate Store |
2110 | Select Certificate | Select Certificate |
2111 | Select Certificate to Delete | Select Certificate to Delete |
2112 | Saved certificate %ws | Saved certificate %ws |
2113 | Deleted certificate %ws | Deleted certificate %ws |
2114 | Enroll-on-Behalf-of | Enroll-on-Behalf-of |
2115 | [ReaderName [%1]] | [ReaderName [%1]] |
2116 | Display smart card information | Display smart card information |
2117 | Service is paused. | Service is paused. |
2118 | Service is stopped. | Service is stopped. |
2119 | Service is in an unknown state. | Service is in an unknown state. |
2120 | The Microsoft Smart Card Resource Manager is running. | The Microsoft Smart Card Resource Manager is running. |
2121 | The Microsoft Smart Card Resource Manager is not running. | The Microsoft Smart Card Resource Manager is not running. |
2122 | Found AT_SIGNATURE key but no AT_KEYEXCHANGE key | Found AT_SIGNATURE key but no AT_KEYEXCHANGE key |
2123 | Server could not be reached: %ws | Server could not be reached: %ws |
2124 | Select Decryption Certificate | Select Decryption Certificate |
2125 | Foreign Cert | Foreign Cert |
2126 | KRA Cert | KRA Cert |
2127 | UPN: | UPN: |
2128 | Subject Unmodified | Subject Unmodified |
2129 | Publish Error | Publish Error |
2130 | NULL signature verifies | NULL signature verifies |
2131 | Source Url Name: | Source Url Name: |
2132 | Local File Name: | Local File Name: |
2133 | Use Count: %d | Use Count: %d |
2134 | Hit Rate: %d | Hit Rate: %d |
2135 | File Size: %d | File Size: %d |
2136 | Last Modified Time: | Last Modified Time: |
2137 | Expire Time: | Expire Time: |
2138 | Last Access Time: | Last Access Time: |
2139 | Last Sync Time: | Last Sync Time: |
2140 | Error: Check machine name. Should be domain\computer$ | Error: Check machine name. Should be domain\computer$ |
2141 | %ws is missing trailing $, correct? | %ws is missing trailing $, correct? |
2142 | Issuer Domain Policy = | Issuer Domain Policy = |
2143 | Subject Domain Policy = | Subject Domain Policy = |
2144 | Map[%u]: | Map[%u]: |
2145 | Cert Type not DC: %ws | Cert Type not DC: %ws |
2146 | Cert Usage missing %ws | Cert Usage missing %ws |
2147 | Deleted KDC certificate! | Deleted KDC certificate! |
2148 | CertDeleteCertificateFromStore failed! - %x | CertDeleteCertificateFromStore failed! - %x |
2149 | %u KDC certificates for %ws | %u KDC certificates for %ws |
2150 | No KDC Certificate in MY store | No KDC Certificate in MY store |
2151 | No certificates in Enterprise Root store! | No certificates in Enterprise Root store! |
2152 | CertOpenStore on remote My store failed! - %x | CertOpenStore on remote My store failed! - %x |
2153 | Error Getting Archived Prop bit! - %x | Error Getting Archived Prop bit! - %x |
2154 | ++ Archived Certificate ++ | ++ Archived Certificate ++ |
2155 | No Autoenrolled Certificates in MY store!!! | No Autoenrolled Certificates in MY store!!! |
2156 | CertOpenStore on remote ent store failed! %x | CertOpenStore on remote ent store failed! %x |
2157 | No Autoenrollment Objects!!! | No Autoenrollment Objects!!! |
2158 | No Access! | No Access! |
2159 | Retrieve and verify AIA Certs and CDP CRLs | Retrieve and verify AIA Certs and CDP CRLs |
2160 | Defaults to Request and Certificate table %1 -- Extension table %2 -- Attribute table %3 -- CRL table |
Defaults to Request and Certificate table %1 -- Extension table %2 -- Attribute table %3 -- CRL table |
2161 | CA Registry Validity Period: %ws %ws | CA Registry Validity Period: %ws %ws |
2162 | Supported Certificate Templates: | Supported Certificate Templates: |
2163 | No supported Certificate Templates:: | No supported Certificate Templates:: |
2164 | CA Name property fetching failed! %x | CA Name property fetching failed! %x |
2165 | CA Name: %ws | CA Name: %ws |
2166 | DNS Name property fetching failed! %x | DNS Name property fetching failed! %x |
2167 | Machine Name: %ws | Machine Name: %ws |
2168 | DS Location: %ws | DS Location: %ws |
2169 | Cert DN property fetching failed! %x | Cert DN property fetching failed! %x |
2170 | Cert DN: %ws | Cert DN: %ws |
2171 | Sig Alg property fetching failed! %x | Sig Alg property fetching failed! %x |
2172 | Supported signature algs: %ws | Supported signature algs: %ws |
2173 | No signature algs on DS! | No signature algs on DS! |
2174 | No Certificate types for this CA | No Certificate types for this CA |
2175 | No certificate type returned, although one exists! | No certificate type returned, although one exists! |
2176 | No CA's listed in the domain. The configuration might be stored in the root domain. Use the -dc option to target your root domain controller for the information. | No CA's listed in the domain. The configuration might be stored in the root domain. Use the -dc option to target your root domain controller for the information. |
2177 | Cannot access DFS share | Cannot access DFS share |
2178 | DFS Data is accessible | DFS Data is accessible |
2179 | No entries found in Ping Search! | No entries found in Ping Search! |
2180 | No DSPath for Policy [non-fatal] | No DSPath for Policy [non-fatal] |
2181 | RegQueryValue (DSPATH) failed! %x | RegQueryValue (DSPATH) failed! %x |
2182 | No FileSysPath for Policy [non-fatal] | No FileSysPath for Policy [non-fatal] |
2183 | Done. | Done. |
2184 | ldap search (%ws) found 0 items! | ldap search (%ws) found 0 items! |
2185 | =========== Root Certs in policy ================= | =========== Root Certs in policy ================= |
2186 | Certificate %u: | Certificate %u: |
2187 | No Root Certificates in Policy on this machine | No Root Certificates in Policy on this machine |
2188 | Check event log for UserEnv errors! | Check event log for UserEnv errors! |
2189 | ==== Policies Processed for MACHINE === | ==== Policies Processed for MACHINE === |
2190 | ==== Policies Processed for USER === | ==== Policies Processed for USER === |
2191 | Possibly No Policies applied. See Event Log for Userenv errors! | Possibly No Policies applied. See Event Log for Userenv errors! |
2192 | Target a specific Domain Controller | Target a specific Domain Controller |
2193 | DCName | DCName |
2194 | Display Name: | Display Name: |
2195 | Computer Name: %ws | Computer Name: %ws |
2196 | User Name: %ws | User Name: %ws |
2197 | bad option | bad option |
2198 | ++++++++ MACHINE: %ws ++++++++ | ++++++++ MACHINE: %ws ++++++++ |
2199 | ### Key: | ### Key: |
2200 | GPO Name: %ws | GPO Name: %ws |
2201 | Signature matches request Public Key | Signature matches request Public Key |
2202 | ColumnList | ColumnList |
2203 | Comma separated Column List | Comma separated Column List |
2204 | RestrictionList | RestrictionList |
2205 | Comma separated Restriction List | Comma separated Restriction List |
2206 | Machine\CAName | Machine\CAName |
2207 | CA and Machine name string | CA and Machine name string |
2208 | Display a verb list (command list) | Display a verb list (command list) |
2209 | Display help text for the "%ws" verb | Display help text for the "%ws" verb |
2210 | Display all help text for all verbs | Display all help text for all verbs |
2211 | Imported foreign certificate | Imported foreign certificate |
2212 | Imported certificate | Imported certificate |
2213 | Certificate already imported | Certificate already imported |
2214 | Archived key updated | Archived key updated |
2215 | Archived key | Archived key |
2216 | Key already archived | Key already archived |
2217 | Ignored signing certificate | Ignored signing certificate |
2218 | Users | Users |
2219 | Ignored signature certificates | Ignored signature certificates |
2220 | Certificates with keys | Certificates with keys |
2221 | Foreign certificates imported | Foreign certificates imported |
2222 | Certificates already imported | Certificates already imported |
2223 | Certificates imported | Certificates imported |
2224 | Certificates not imported | Certificates not imported |
2225 | Keys | Keys |
2226 | Keys already archived | Keys already archived |
2227 | Keys updated | Keys updated |
2228 | Keys archived | Keys archived |
2229 | Keys not archived | Keys not archived |
2230 | Merge PFX files | Merge PFX files |
2231 | PFXInFileList PFXOutFile [Modifiers] | PFXInFileList PFXOutFile [Modifiers] |
2232 | Online | Online |
2233 | OFFLINE | OFFLINE |
2234 | Previous CA Cert Hash | Previous CA Cert Hash |
2235 | Message Digest | Message Digest |
2236 | Archived Key Cert Hash | Archived Key Cert Hash |
2237 | Issued Cert Hash | Issued Cert Hash |
2238 | Encrypted Key Hash | Encrypted Key Hash |
2239 | CRL Number | CRL Number |
2240 | Minimum Base CRL Number | Minimum Base CRL Number |
2241 | Virtual Base CRL Number | Virtual Base CRL Number |
2242 | CRL Next Publish | CRL Next Publish |
2243 | Signing Time | Signing Time |
2244 | Delta CRL CDP | Delta CRL CDP |
2245 | CRL Self CDP | CRL Self CDP |
2246 | Application Policies | Application Policies |
2247 | Application Policy Mappings | Application Policy Mappings |
2248 | Application Policy Constraints | Application Policy Constraints |
2249 | Policy Mappings | Policy Mappings |
2250 | Policy Constraints | Policy Constraints |
2251 | Counter Signature | Counter Signature |
2252 | %u Machine certificates (%u archived) | %u Machine certificates (%u archived) |
2253 | for %ws | for %ws |
2254 | V1 Autoenrollment Objects: | V1 Autoenrollment Objects: |
2255 | Skipping CSP at index %u | Skipping CSP at index %u |
2256 | Provider Name: | Provider Name: |
2257 | Provider Type: | Provider Type: |
2258 | Private key verifies | Private key verifies |
2259 | Processing KMS exports from: | Processing KMS exports from: |
2261 | Encrypted key: | Encrypted key: |
2262 | Decrypted key: | Decrypted key: |
2263 | Failed to import symmetric key | Failed to import symmetric key |
2264 | Lock box opened, symmetric key successfully decrypted | Lock box opened, symmetric key successfully decrypted |
2265 | Moved AT_SIGNATURE key to AT_KEYEXCHANGE | Moved AT_SIGNATURE key to AT_KEYEXCHANGE |
2266 | Validated Cert Types | Validated Cert Types |
2267 | Cert Type | Cert Type |
2268 | ==== %u CAs on %ws Domain ==== | ==== %u CAs on %ws Domain ==== |
2269 | CACountCAs inconsistent with CAEnumNextCA | CACountCAs inconsistent with CAEnumNextCA |
2270 | Cached LDAP DC | Cached LDAP DC |
2271 | Current reader/card status: | Current reader/card status: |
2272 | SCardEstablishContext failed for user scope. | SCardEstablishContext failed for user scope. |
2273 | A list of smart card readers cannot be determined. | A list of smart card readers cannot be determined. |
2274 | SCardListReaders failed for SCARD_ALL_READERS | SCardListReaders failed for SCARD_ALL_READERS |
2275 | No smart card readers are currently available. | No smart card readers are currently available. |
2276 | A list of smart card readers could not be determined. | A list of smart card readers could not be determined. |
2277 | Readers: | Readers: |
2278 | --- Reader: | --- Reader: |
2279 | --- Status: | --- Status: |
2280 | No card. | No card. |
2281 | The card is unrecognized or not responding. | The card is unrecognized or not responding. |
2282 | Card is in use exclusively by another process. | Card is in use exclusively by another process. |
2283 | The card is being shared by a process. | The card is being shared by a process. |
2284 | The card is available for use. | The card is available for use. |
2285 | Card/Reader not responding. | Card/Reader not responding. |
2286 | --- Card: | --- Card: |
2287 | Unknown Card. | Unknown Card. |
2288 | Performing %ws public key matching test... | Performing %ws public key matching test... |
2289 | %ws succeeded but returned zero size | %ws succeeded but returned zero size |
2290 | Public key from KeyProvInfo container: | Public key from KeyProvInfo container: |
2291 | Public key from Cert: | Public key from Cert: |
2292 | Public key matching test succeeded | Public key matching test succeeded |
2293 | Chain on smart card is invalid | Chain on smart card is invalid |
2294 | Chain validates | Chain validates |
2295 | No %ws key for reader: | No %ws key for reader: |
2296 | Cannot open the %ws key for reader: | Cannot open the %ws key for reader: |
2297 | No %ws cert retrieved for reader: | No %ws cert retrieved for reader: |
2298 | Performing cert chain verification... | Performing cert chain verification... |
2299 | Displayed %ws cert for reader: | Displayed %ws cert for reader: |
2300 | Analyzing card in reader: | Analyzing card in reader: |
2301 | Cannot retrieve Provider Name for %ws | Cannot retrieve Provider Name for %ws |
2302 | %1 -- Failed and pending requests (submission date) %2 -- Expired and revoked certificates (expiration date) %3 -- Extension table %4 -- Attribute table %5 -- CRL table (expiration date) To delete failed and pending requests submitted by January 22, 2001: 1/22/2001 %1 To delete all certificates that expired by January 22, 2001: 1/22/2001 %2 To delete the certificate row, attributes and extensions for RequestId 37: 37 To delete CRLs that expired by January 22, 2001: 1/22/2001 %5 |
%1 -- Failed and pending requests (submission date) %2 -- Expired and revoked certificates (expiration date) %3 -- Extension table %4 -- Attribute table %5 -- CRL table (expiration date) To delete failed and pending requests submitted by January 22, 2001: 1/22/2001 %1 To delete all certificates that expired by January 22, 2001: 1/22/2001 %2 To delete the certificate row, attributes and extensions for RequestId 37: 37 To delete CRLs that expired by January 22, 2001: 1/22/2001 %5 |
2303 | All | All |
2305 | Select Certificate or CRL | Select Certificate or CRL |
2306 | Certificate Files|*.cer;*.crt|CRL Files|*.crl|| | Certificate Files|*.cer;*.crt|CRL Files|*.crl|| |
2307 | cer | cer |
2308 | Convert PFX files to EPF file | Convert PFX files to EPF file |
2309 | PFXInFileList EPFOutFile [%1 | %2] [V3CACertId][,Salt] | PFXInFileList EPFOutFile [%1 | %2] [V3CACertId][,Salt] |
2310 | ERROR: Could not find a matching user or computer in Active Directory. | ERROR: Could not find a matching user or computer in Active Directory. |
2311 | KMS CA Certificate List | KMS CA Certificate List |
2312 | Select KMS CA certificate | Select KMS CA certificate |
2313 | RequestId -- numeric Request Id of a pending request ExtensionName -- ObjectId string of the extension Flags -- 0 is recommended. 1 makes the extension critical, 2 disables it, 3 does both. If the last parameter is numeric, it is taken as a Long. If it can be parsed as a date, it is taken as a Date. If it starts with '@', the rest of the token is the filename containing binary data or an ascii-text hex dump. Anything else is taken as a String. |
RequestId -- numeric Request Id of a pending request ExtensionName -- ObjectId string of the extension Flags -- 0 is recommended. 1 makes the extension critical, 2 disables it, 3 does both. If the last parameter is numeric, it is taken as a Long. If it can be parsed as a date, it is taken as a Date. If it starts with '@', the rest of the token is the filename containing binary data or an ascii-text hex dump. Anything else is taken as a String. |
2314 | InFileList -- comma separated list of Certificate or CRL files to modify and re-sign SerialNumber -- Serial number of certificate to create Validity period and other options must not be present %1 -- Create an empty CRL Validity period and other options must not be present OutFileList -- comma separated list of modified Certificate or CRL output files. The number of files must match InFileList. StartDate[+|-%9]+|-%9 -- new validity period: optional date plus optional days and hours start date offset and optional days and hours validity period If multiple fields are used, use a (+) or (-) separator Use "%7[+%9]" to start at the current time Use "%7-%9+%9" to start at a fixed offset from the current time and a fixed validity period Use "%8" to have no expiration date (for CRLs only) SerialNumberList -- comma separated serial number list to add or remove ObjectIdList -- comma separated extension ObjectId list to remove @ExtensionFile -- INF file containing extensions to update or remove: %2 %3 Remove CRL Distribution Points extension %4 Update Key Usage extension %5 HashAlgorithm -- Name of the hash algorithm preceded by a # sign %6 -- alternate Signature algorithm specifier A minus sign causes serial numbers and extensions to be removed. A plus sign causes serial numbers to be added to a CRL. When removing items from a CRL, the list may contain both serial numbers and ObjectIds. A minus sign before %6 causes the legacy signature format to be used. A plus sign before %6 causes the alternature signature format to be used. If %6 is not specifed then the signature format in the certificate or CRL is used. |
InFileList -- comma separated list of Certificate or CRL files to modify and re-sign SerialNumber -- Serial number of certificate to create Validity period and other options must not be present %1 -- Create an empty CRL Validity period and other options must not be present OutFileList -- comma separated list of modified Certificate or CRL output files. The number of files must match InFileList. StartDate[+|-%9]+|-%9 -- new validity period: optional date plus optional days and hours start date offset and optional days and hours validity period If multiple fields are used, use a (+) or (-) separator Use "%7[+%9]" to start at the current time Use "%7-%9+%9" to start at a fixed offset from the current time and a fixed validity period Use "%8" to have no expiration date (for CRLs only) SerialNumberList -- comma separated serial number list to add or remove ObjectIdList -- comma separated extension ObjectId list to remove @ExtensionFile -- INF file containing extensions to update or remove: %2 %3 Remove CRL Distribution Points extension %4 Update Key Usage extension %5 HashAlgorithm -- Name of the hash algorithm preceded by a # sign %6 -- alternate Signature algorithm specifier A minus sign causes serial numbers and extensions to be removed. A plus sign causes serial numbers to be added to a CRL. When removing items from a CRL, the list may contain both serial numbers and ObjectIds. A minus sign before %6 causes the legacy signature format to be used. A plus sign before %6 causes the alternature signature format to be used. If %6 is not specifed then the signature format in the certificate or CRL is used. |
2315 | InfoName -- indicates the CA property to display (see below) Use "*" for all properties Index -- optional zero-based property index ErrorCode -- numeric error code |
InfoName -- indicates the CA property to display (see below) Use "*" for all properties Index -- optional zero-based property index ErrorCode -- numeric error code |
2316 | %1 -- Use CA's registry key %2 -- Use CA's restore registry key %3 -- Use policy module's registry key %4 -- Use first exit module's registry key %5 -- Use template registry key (use -user for user templates) %6 -- Use enrollment registry key (use -user for user context) %7 -- Use chain configuration registry key %8 -- Use Policy Servers registry key %9 -- Use policy or exit module's ProgId (registry subkey name) RegistryValueName -- registry value name (use "Name*" to prefix match) Value -- new numeric, string or date registry value or filename. If a numeric value starts with "+" or "-", the bits specified in the new value are set or cleared in the existing registry value. If a string value starts with "+" or "-", and the existing value is a REG_MULTI_SZ value, the string is added to or removed from the existing registry value. To force creation of a REG_MULTI_SZ value, add a " " to the end of the string value. If the value starts with "@", the rest of the value is the name of the file containing the hexadecimal text representation of a binary value. If it does not refer to a valid file, it is instead parsed as [Date][+|-][%11] -- an optional date plus or minus optional days and hours. If both are specified, use a plus sign (+) or minus sign (-) separator. Use "%10+%11" for a date relative to the current time. Use "%13" as a suffix to create a REG_QWORD value. Use "%7\%12 @%10" to effectively flush cached CRLs. |
%1 -- Use CA's registry key %2 -- Use CA's restore registry key %3 -- Use policy module's registry key %4 -- Use first exit module's registry key %5 -- Use template registry key (use -user for user templates) %6 -- Use enrollment registry key (use -user for user context) %7 -- Use chain configuration registry key %8 -- Use Policy Servers registry key %9 -- Use policy or exit module's ProgId (registry subkey name) RegistryValueName -- registry value name (use "Name*" to prefix match) Value -- new numeric, string or date registry value or filename. If a numeric value starts with "+" or "-", the bits specified in the new value are set or cleared in the existing registry value. If a string value starts with "+" or "-", and the existing value is a REG_MULTI_SZ value, the string is added to or removed from the existing registry value. To force creation of a REG_MULTI_SZ value, add a " " to the end of the string value. If the value starts with "@", the rest of the value is the name of the file containing the hexadecimal text representation of a binary value. If it does not refer to a valid file, it is instead parsed as [Date][+|-][%11] -- an optional date plus or minus optional days and hours. If both are specified, use a plus sign (+) or minus sign (-) separator. Use "%10+%11" for a date relative to the current time. Use "%13" as a suffix to create a REG_QWORD value. Use "%7\%12 @%10" to effectively flush cached CRLs. |
2317 | %3 -- new CRL validity period in days and hours %1 -- republish most recent CRLs %2 -- delta CRLs only (default is base and delta CRLs) |
%3 -- new CRL validity period in days and hours %1 -- republish most recent CRLs %2 -- delta CRLs only (default is base and delta CRLs) |
2318 | Index -- CRL index or key index (defaults to CRL for newest key) %1 -- delta CRL (default is base CRL) |
Index -- CRL index or key index (defaults to CRL for newest key) %1 -- delta CRL (default is base CRL) |
2319 | CertFile -- Certificate to verify ApplicationPolicyList -- optional comma separated list of required Application Policy ObjectIds IssuancePolicyList -- optional comma separated list of required Issuance Policy ObjectIds CACertFile -- optional issuing CA certificate to verify against CrossedCACertFile -- optional certificate cross-certified by CertFile CRLFile -- CRL to verify IssuedCertFile -- optional issued certificate covered by CRLFile DeltaCRLFile -- optional delta CRL If ApplicationPolicyList is specified, chain building is restricted to chains valid for the specified Application Policies. If IssuancePolicyList is specified, chain building is restricted to chains valid for the specified Issuance Policies. If CACertFile is specified, fields in CACertFile are verified against CertFile or CRLFile. If CACertFile is not specified, CertFile is used to build and verify a full chain. If CACertFile and CrossedCACertFile are both specified, fields in CACertFile and CrossedCACertFile are verified against CertFile. If IssuedCertFile is specified, fields in IssuedCertFile are verified against CRLFile. If DeltaCRLFile is specified, fields in DeltaCRLFile are verified against CRLFile. |
CertFile -- Certificate to verify ApplicationPolicyList -- optional comma separated list of required Application Policy ObjectIds IssuancePolicyList -- optional comma separated list of required Issuance Policy ObjectIds CACertFile -- optional issuing CA certificate to verify against CrossedCACertFile -- optional certificate cross-certified by CertFile CRLFile -- CRL to verify IssuedCertFile -- optional issued certificate covered by CRLFile DeltaCRLFile -- optional delta CRL If ApplicationPolicyList is specified, chain building is restricted to chains valid for the specified Application Policies. If IssuancePolicyList is specified, chain building is restricted to chains valid for the specified Issuance Policies. If CACertFile is specified, fields in CACertFile are verified against CertFile or CRLFile. If CACertFile is not specified, CertFile is used to build and verify a full chain. If CACertFile and CrossedCACertFile are both specified, fields in CACertFile and CrossedCACertFile are verified against CertFile. If IssuedCertFile is specified, fields in IssuedCertFile are verified against CRLFile. If DeltaCRLFile is specified, fields in DeltaCRLFile are verified against CRLFile. |
2320 | KeyContainerName -- key container name of the key to verify Defaults to machine keys. Use -user for user keys CACertFile -- signing or encryption certificate file If no arguments are specified, each signing CA cert is verified against its private key. This operation can only be performed against a local CA or local keys. |
KeyContainerName -- key container name of the key to verify Defaults to machine keys. Use -user for user keys CACertFile -- signing or encryption certificate file If no arguments are specified, each signing CA cert is verified against its private key. This operation can only be performed against a local CA or local keys. |
2321 | CertificateStoreName -- Certificate store name. Examples: "%1", "%2" (default), "%3", "%10" (View Root Certificates) "%11" (Modify Root Certificates) "%12" (View CRLs) "%13" (Enterprise CA Certificates) %16 (AD machine object certificates) %5 %16 (AD user object certificates) CertId -- Certificate or CRL match token. This can be a serial number, an SHA-1 certificate, CRL, CTL or public key hash, a numeric cert index (0, 1, etc.), a numeric CRL index (.0, .1, etc.), a numeric CTL index (..0, ..1, etc.), a public key, signature or extension ObjectId, a certificate subject Common Name, an e-mail address, UPN or DNS name, a key container name or CSP name, a template name or ObjectId, an EKU or Application Policies ObjectId, or a CRL issuer Common Name. Many of the above may result in multiple matches. OutputFile -- file to save matching cert Use %5 to access a user store instead of a machine store. Use %4 to access a machine enterprise store. Use %14 to access a machine service store. Use %15 to access a machine group policy store. Examples: %6 %7 %8 %9 |
CertificateStoreName -- Certificate store name. Examples: "%1", "%2" (default), "%3", "%10" (View Root Certificates) "%11" (Modify Root Certificates) "%12" (View CRLs) "%13" (Enterprise CA Certificates) %16 (AD machine object certificates) %5 %16 (AD user object certificates) CertId -- Certificate or CRL match token. This can be a serial number, an SHA-1 certificate, CRL, CTL or public key hash, a numeric cert index (0, 1, etc.), a numeric CRL index (.0, .1, etc.), a numeric CTL index (..0, ..1, etc.), a public key, signature or extension ObjectId, a certificate subject Common Name, an e-mail address, UPN or DNS name, a key container name or CSP name, a template name or ObjectId, an EKU or Application Policies ObjectId, or a CRL issuer Common Name. Many of the above may result in multiple matches. OutputFile -- file to save matching cert Use %5 to access a user store instead of a machine store. Use %4 to access a machine enterprise store. Use %14 to access a machine service store. Use %15 to access a machine group policy store. Examples: %6 %7 %8 %9 |
2322 | CertificateStoreName -- Certificate store name. See -store. InFile -- Certificate or CRL file to add to store. |
CertificateStoreName -- Certificate store name. See -store. InFile -- Certificate or CRL file to add to store. |
2323 | CertificateStoreName -- Certificate store name. See -store. CertId -- Certificate or CRL match token. See -store. |
CertificateStoreName -- Certificate store name. See -store. CertId -- Certificate or CRL match token. See -store. |
2324 | BackupDirectory -- directory to store backed up data %1 -- perform incremental backup only (default is full backup) %2 -- preserve database log files (default is to truncate log files) |
BackupDirectory -- directory to store backed up data %1 -- perform incremental backup only (default is full backup) %2 -- preserve database log files (default is to truncate log files) |
2325 | BackupDirectory -- directory to store backed up database files %1 -- perform incremental backup only (default is full backup) %2 -- preserve database log files (default is to truncate log files) |
BackupDirectory -- directory to store backed up database files %1 -- perform incremental backup only (default is full backup) %2 -- preserve database log files (default is to truncate log files) |
2326 | BackupDirectory -- directory to store backed up PFX file | BackupDirectory -- directory to store backed up PFX file |
2327 | BackupDirectory -- directory containing data to be restored | BackupDirectory -- directory containing data to be restored |
2328 | BackupDirectory -- directory containing database files to be restored | BackupDirectory -- directory containing database files to be restored |
2329 | BackupDirectory -- directory containing PFX file to be restored PFXFile -- PFX file to be restored |
BackupDirectory -- directory containing PFX file to be restored PFXFile -- PFX file to be restored |
2330 | CertificateStoreName -- Certificate store name. See -store. CertId -- Certificate or CRL match token. See -store. PFXFile -- exported PFX data output file Modifiers -- Comma separated list of one or more of the following: %5 -- Do not export the certificate chain %6 -- Do not export the root certificate %9 -- Include extended properties %10 -- Do not encrypt the certificates %11 -- Encrypt the certificates %12 -- Export Parameters Defaults to personal machine store. |
CertificateStoreName -- Certificate store name. See -store. CertId -- Certificate or CRL match token. See -store. PFXFile -- exported PFX data output file Modifiers -- Comma separated list of one or more of the following: %5 -- Do not export the certificate chain %6 -- Do not export the root certificate %9 -- Include extended properties %10 -- Do not encrypt the certificates %11 -- Encrypt the certificates %12 -- Export Parameters Defaults to personal machine store. |
2331 | CertificateStoreName -- Certificate store name. See -store. PFXFile -- PFX file to be imported Modifiers -- Comma separated list of one or more of the following: %1 -- Change the KeySpec to Signature %2 -- Change the KeySpec to Key Exchange %3 -- Make the private key non-exportable %4 -- Do not import the certificate %5 -- Do not import the certificate chain %6 -- Do not import the root certificate %7 -- Protect keys with password %8 -- Do not password protect keys Defaults to personal machine store. |
CertificateStoreName -- Certificate store name. See -store. PFXFile -- PFX file to be imported Modifiers -- Comma separated list of one or more of the following: %1 -- Change the KeySpec to Signature %2 -- Change the KeySpec to Key Exchange %3 -- Make the private key non-exportable %4 -- Do not import the certificate %5 -- Do not import the certificate chain %6 -- Do not import the root certificate %7 -- Protect keys with password %8 -- Do not password protect keys Defaults to personal machine store. |
2332 | UserKeyAndCertFile -- Data file containing user private keys and certificates to be archived. This can be any of the following: Exchange Key Management Server (KMS) export file PFX file CertId -- KMS export file decryption certificate match token. See -store. Use %1 to import certificates not issued by the CA. |
UserKeyAndCertFile -- Data file containing user private keys and certificates to be archived. This can be any of the following: Exchange Key Management Server (KMS) export file PFX file CertId -- KMS export file decryption certificate match token. See -store. Use %1 to import certificates not issued by the CA. |
2333 | PFXInFileList -- Comma separated PFX input file list PFXOutFile -- PFX output file Modifiers -- Comma separated list of one or more of the following: %9 -- Include extended properties %10 -- Do not encrypt the certificates %11 -- Encrypt the certificates The password specified on the command line is a comma separated password list. If more than one password is specified, the last password is used for the output file. If only one password is provided or if the last password is "*", the user will be prompted for the output file password. |
PFXInFileList -- Comma separated PFX input file list PFXOutFile -- PFX output file Modifiers -- Comma separated list of one or more of the following: %9 -- Include extended properties %10 -- Do not encrypt the certificates %11 -- Encrypt the certificates The password specified on the command line is a comma separated password list. If more than one password is specified, the last password is used for the output file. If only one password is provided or if the last password is "*", the user will be prompted for the output file password. |
2334 | PFXInFileList -- Comma separated PFX input file list EPF -- EPF output file %1 -- Use CAST 64 encryption %2 -- Use CAST 64 encryption (export) V3CACertId -- V3 CA Certificate match token. See -store CertId description. Salt -- EPF output file salt string The password specified on the command line is a comma separated password list. If more than one password is specified, the last password is used for the output file. If only one password is provided or if the last password is "*", the user will be prompted for the output file password. |
PFXInFileList -- Comma separated PFX input file list EPF -- EPF output file %1 -- Use CAST 64 encryption %2 -- Use CAST 64 encryption (export) V3CACertId -- V3 CA Certificate match token. See -store CertId description. Salt -- EPF output file salt string The password specified on the command line is a comma separated password list. If more than one password is specified, the last password is used for the output file. If only one password is provided or if the last password is "*", the user will be prompted for the output file password. |
2335 | RequestId -- numeric Request Id of pending request AttributeString -- Request Attribute name and value pairs Names and values are colon separated. Multiple name, value pairs are newline separated. Example: "CertificateTemplate:User EMail:[email protected]" Each " " sequence is converted to a newline separator. |
RequestId -- numeric Request Id of pending request AttributeString -- Request Attribute name and value pairs Names and values are colon separated. Multiple name, value pairs are newline separated. Example: "CertificateTemplate:User EMail:[email protected]" Each " " sequence is converted to a newline separator. |
2336 | SerialNumber -- Comma separated list of certificate serial numbers to revoke Reason -- numeric or symbolic revocation reason: 0: %1 -- Unspecified (default) 1: %2 -- Key Compromise 2: %3 -- CA Compromise 3: %4 -- Affiliation Changed 4: %5 -- Superseded 5: %6 -- Cessation of Operation 6: %7 -- Certificate Hold 8: %8 -- Remove From CRL 9: %9 -- Privilege Withdrawn 10: %10 -- AA Compromise -1: %11 -- Unrevoke |
SerialNumber -- Comma separated list of certificate serial numbers to revoke Reason -- numeric or symbolic revocation reason: 0: %1 -- Unspecified (default) 1: %2 -- Key Compromise 2: %3 -- CA Compromise 3: %4 -- Affiliation Changed 4: %5 -- Superseded 5: %6 -- Cessation of Operation 6: %7 -- Certificate Hold 8: %8 -- Remove From CRL 9: %9 -- Privilege Withdrawn 10: %10 -- AA Compromise -1: %11 -- Unrevoke |
2337 | Use %1 to import the certificate in place of a pending request for the same key. Use %2 to import certificates not issued by the CA. The CA may also need to be configured to support foreign certificate import: %3 |
Use %1 to import the certificate in place of a pending request for the same key. Use %2 to import certificates not issued by the CA. The CA may also need to be configured to support foreign certificate import: %3 |
2338 | OutCACertFile -- output file Index -- CA certificate renewal index (defaults to most recent) |
OutCACertFile -- output file Index -- CA certificate renewal index (defaults to most recent) |
2339 | OutCACertChainFile -- output file Index -- CA certificate renewal index (defaults to most recent) |
OutCACertChainFile -- output file Index -- CA certificate renewal index (defaults to most recent) |
2340 | Use %2 to ignore an outstanding renewal request, and generate a new request. | Use %2 to ignore an outstanding renewal request, and generate a new request. |
2341 | Verify Certificate or CRL URLs | Verify Certificate or CRL URLs |
2342 | InFile | URL | InFile | URL |
2343 | Certificate "%ws" already in store. | Certificate "%ws" already in store. |
2344 | Certificate "%ws" added to store. | Certificate "%ws" added to store. |
2345 | CRL "%ws" already in store. | CRL "%ws" already in store. |
2346 | CRL "%ws" added to store. | CRL "%ws" added to store. |
2347 | CTL %ws already in store. | CTL %ws already in store. |
2348 | CTL %ws added to store. | CTL %ws added to store. |
2349 | KMS V1 CA Certificate List | KMS V1 CA Certificate List |
2350 | Select KMS V1 CA certificate | Select KMS V1 CA certificate |
2351 | Error message text | Error message text |
2352 | Error message text and error code | Error message text and error code |
2353 | Retrieving | Retrieving |
2354 | Success | Success |
2355 | Failed | Failed |
2356 | Verifying | Verifying |
2357 | Verify Failure | Verify Failure |
2358 | No URLs | No URLs |
2361 | Wrong Issuer | Wrong Issuer |
2363 | Revocation Check Failed | Revocation Check Failed |
2364 | No CRL | No CRL |
2365 | OK | OK |
2366 | CDP | CDP |
2367 | AIA | AIA |
2372 | Status | Status |
2373 | Type | Type |
2374 | Url | Url |
2375 | Retrieval Time | Retrieval Time |
2378 | GetObjectUrl | GetObjectUrl |
2379 | Certificate Subject | Certificate Subject |
2380 | Base CRL Issuer | Base CRL Issuer |
2381 | Delta CRL Issuer | Delta CRL Issuer |
2382 | No Selection | No Selection |
2383 | No Certificate Selected | No Certificate Selected |
2384 | Error Opening Certificate or CRL File | Error Opening Certificate or CRL File |
2386 | Error Information | Error Information |
2387 | Error retrieving URL: %ws | Error retrieving URL: %ws |
2388 | No URLs found: %ws | No URLs found: %ws |
2389 | Cannot find KMS CA certificate required to construct the EPF file. Enroll a client in the same KMS and use Outlook to save the user keys to an EPF file. Take the EPF file to the current machine and use certutil to dump the EPF file. This will import the needed KMS CA certificates into the local machine cert store, making them available to construct new EPF files. |
Cannot find KMS CA certificate required to construct the EPF file. Enroll a client in the same KMS and use Outlook to save the user keys to an EPF file. Take the EPF file to the current machine and use certutil to dump the EPF file. This will import the needed KMS CA certificates into the local machine cert store, making them available to construct new EPF files. |
2390 | %1 -- generate a script to retrieve and recover keys (default behavior if multiple matching recovery candidates are found, or if the output file is not specified). %2 -- retrieve one or more Key Recovery Blobs (default behavior if exactly one matching recovery candidate is found, and if the output file is specified) %3 -- retrieve and recover private keys in one step (requires Key Recovery Agent certificates and private keys) SearchToken -- Used to select the keys and certificates to be recovered. Can be any of the following: Certificate Common Name Certificate Serial Number Certificate SHA-1 hash (thumbprint) Certificate KeyId SHA-1 hash (Subject Key Identifier) Requester Name (domain\user) UPN (user@domain) RecoveryBlobOutFile -- output file containing a certificate chain and an associated private key, still encrypted to one or more Key Recovery Agent certificates. OutputScriptFile -- output file containing a batch script to retrieve and recover private keys. OutputFileBaseName -- output file base name. For %2, any extension is truncated and a certificate-specific string and the %4 extension are appended for each key recovery blob. Each file contains a certificate chain and an associated private key, still encrypted to one or more Key Recovery Agent certificates. For %3, any extension is truncated and the %5 extension is appended. Contains the recovered certificate chains and associated private keys, stored as a PFX file. |
%1 -- generate a script to retrieve and recover keys (default behavior if multiple matching recovery candidates are found, or if the output file is not specified). %2 -- retrieve one or more Key Recovery Blobs (default behavior if exactly one matching recovery candidate is found, and if the output file is specified) %3 -- retrieve and recover private keys in one step (requires Key Recovery Agent certificates and private keys) SearchToken -- Used to select the keys and certificates to be recovered. Can be any of the following: Certificate Common Name Certificate Serial Number Certificate SHA-1 hash (thumbprint) Certificate KeyId SHA-1 hash (Subject Key Identifier) Requester Name (domain\user) UPN (user@domain) RecoveryBlobOutFile -- output file containing a certificate chain and an associated private key, still encrypted to one or more Key Recovery Agent certificates. OutputScriptFile -- output file containing a batch script to retrieve and recover private keys. OutputFileBaseName -- output file base name. For %2, any extension is truncated and a certificate-specific string and the %4 extension are appended for each key recovery blob. Each file contains a certificate chain and an associated private key, still encrypted to one or more Key Recovery Agent certificates. For %3, any extension is truncated and the %5 extension is appended. Contains the recovered certificate chains and associated private keys, stored as a PFX file. |
2391 | %ws deleted from DS store. | %ws deleted from DS store. |
2392 | Forward cross cert | Forward cross cert |
2393 | Backward cross cert | Backward cross cert |
2397 | Not found | Not found |
2398 | Invalid | Invalid |
2399 | Untrusted | Untrusted |
2400 | Not loaded | Not loaded |
2401 | CA cross cert | CA cross cert |
2402 | System default Language Id: | System default Language Id: |
2403 | Version %u certificates and keys: | Version %u certificates and keys: |
2404 | Use old PFX encryption | Use old PFX encryption |
2405 | Certificate signature is valid | Certificate signature is valid |
2406 | Key usage count | Key usage count |
2408 | Not supported | Not supported |
2409 | CA cert version | CA cert version |
2410 | Enabled Active Server Pages (ASP) | Enabled Active Server Pages (ASP) |
2411 | Active Server Pages (ASP) already enabled | Active Server Pages (ASP) already enabled |
2412 | Error enabling Active Server Pages (ASP) | Error enabling Active Server Pages (ASP) |
2413 | MISSING! | MISSING! |
2414 | Sanitized CA short name (DS name) | Sanitized CA short name (DS name) |
2415 | WinINet Cache entries deleted: %u | WinINet Cache entries deleted: %u |
2416 | WinINet Cache entries: %u | WinINet Cache entries: %u |
2417 | Permitted | Permitted |
2418 | Excluded | Excluded |
2419 | IP Address | IP Address |
2420 | Mask | Mask |
2421 | URL -- cached URL %1 -- operate on all cached CRL URLs only %2 -- operate on all cached URLs %3 -- delete relevant URLs from the current user's local cache Use %4 to force fetching a specific URL and updating the cache. |
URL -- cached URL %1 -- operate on all cached CRL URLs only %2 -- operate on all cached URLs %3 -- delete relevant URLs from the current user's local cache Use %4 to force fetching a specific URL and updating the cache. |
2422 | Subtree | Subtree |
2423 | Related Certificates: | Related Certificates: |
2424 | Related CRLs: | Related CRLs: |
2425 | Exact match: | Exact match: |
2426 | Protect keys with password | Protect keys with password |
2427 | Set templates for CA | Set templates for CA |
2428 | [+ | -]TemplateList | [+ | -]TemplateList |
2429 | Adding | Adding |
2430 | Removing | Removing |
2431 | Already present | Already present |
2432 | Not present | Not present |
2433 | KMS export file signature verifies | KMS export file signature verifies |
2434 | AutoEnroll Property | AutoEnroll Property |
2436 | Authority | Authority |
2437 | Friendly Name | Friendly Name |
2438 | Token match | Token match |
2439 | Bad Asn length encoding | Bad Asn length encoding |
2440 | Asn encoding: %x extra bytes | Asn encoding: %x extra bytes |
2441 | %ws key verifies against certificate | %ws key verifies against certificate |
2442 | %ws key does not match certificate | %ws key does not match certificate |
2443 | Expected | Expected |
2444 | Public key: | Public key: |
2445 | Cert Public key: | Cert Public key: |
2446 | certificates | certificates |
2447 | Signing | Signing |
2448 | Exchange | Exchange |
2449 | LoadCert(CACrossed) returned %ws | LoadCert(CACrossed) returned %ws |
2450 | Crossed CA Cert | Crossed CA Cert |
2451 | Crossed CA Cert Serial Number: | Crossed CA Cert Serial Number: |
2452 | Crossed CA Subject name matches Cert Subject | Crossed CA Subject name matches Cert Subject |
2453 | ERROR: Crossed CA Subject name does not match Cert Subject | ERROR: Crossed CA Subject name does not match Cert Subject |
2454 | Crossed CA public key matches Cert key | Crossed CA public key matches Cert key |
2455 | ERROR: Certificate public key does NOT match Cert key | ERROR: Certificate public key does NOT match Cert key |
2456 | Crossed CA Subject Key Id matches Cert Subject Key Id | Crossed CA Subject Key Id matches Cert Subject Key Id |
2457 | ERROR: Crossed CA Key Id does not match Key Id | ERROR: Crossed CA Key Id does not match Key Id |
2459 | canonicalized | canonicalized |
2460 | A required CRL extension is missing | A required CRL extension is missing |
2461 | Verified | Verified |
2462 | Bad CA Cert Subject | Bad CA Cert Subject |
2463 | Bad Cert Issuer | Bad Cert Issuer |
2464 | Old Base CRL | Old Base CRL |
2465 | Bad Authority Key Id | Bad Authority Key Id |
2466 | No IDP Intersection | No IDP Intersection |
2467 | ERROR: CRL Issuer does not match Cert Issuer | ERROR: CRL Issuer does not match Cert Issuer |
2468 | CRL Issuer matches Cert Issuer | CRL Issuer matches Cert Issuer |
2469 | Provider | Provider |
2470 | ERROR: CRL IDP extension does not match Cert CDP | ERROR: CRL IDP extension does not match Cert CDP |
2471 | ERROR: CRL Issuer does not match Delta CRL Issuer | ERROR: CRL Issuer does not match Delta CRL Issuer |
2472 | CRL Issuer matches Delta CRL Issuer | CRL Issuer matches Delta CRL Issuer |
2473 | WARNING: CRL CA Version does not match Cert CA Version | WARNING: CRL CA Version does not match Cert CA Version |
2474 | WARNING: CRL CA Version does not match Delta CRL CA Version | WARNING: CRL CA Version does not match Delta CRL CA Version |
2475 | ERROR: CRL Number less than Delta CRL Minimum Base | ERROR: CRL Number less than Delta CRL Minimum Base |
2476 | ERROR: CRL is not a Base CRL | ERROR: CRL is not a Base CRL |
2477 | ERROR: CRL is not a Delta CRL | ERROR: CRL is not a Delta CRL |
2478 | Verifying Issued Certificate: | Verifying Issued Certificate: |
2479 | Verifying Delta CRL: | Verifying Delta CRL: |
2480 | WinHttp Cache entries deleted: %u | WinHttp Cache entries deleted: %u |
2481 | WinHttp Cache entries: %u | WinHttp Cache entries: %u |
2482 | Meta File Name: | Meta File Name: |
2483 | WinINet Cache entry: | WinINet Cache entry: |
2484 | WinHttp Cache entry: | WinHttp Cache entry: |
2485 | CAName | CAName |
2486 | MachineName | MachineName |
2487 | Time: | Time: |
2488 | Certificate AIA | Certificate AIA |
2489 | Certificate CDP | Certificate CDP |
2490 | Base CRL CDP | Base CRL CDP |
2491 | URL fetch timeout in milliseconds | URL fetch timeout in milliseconds |
2492 | Timeout | Timeout |
2493 | Cannot export public key | Cannot export public key |
2494 | Display password and private key data | Display password and private key data |
2495 | OCSP | OCSP |
2496 | Decode Error | Decode Error |
2497 | Unsuccessful | Unsuccessful |
2498 | Unsupported | Unsupported |
2500 | Invalid Signature | Invalid Signature |
2501 | OCSP Request: | OCSP Request: |
2502 | OCSP Response: | OCSP Response: |
2503 | Produced At | Produced At |
2504 | OCSP Response Entries: | OCSP Response Entries: |
2505 | OCSP Response Info | OCSP Response Info |
2506 | OCSP Request Entries: | OCSP Request Entries: |
2507 | OCSP Request Info | OCSP Request Info |
2508 | Issuer Name Hash(%ws): | Issuer Name Hash(%ws): |
2509 | Issuer Key Hash(%ws): | Issuer Key Hash(%ws): |
2510 | Serial Number Not Found | Serial Number Not Found |
2512 | Invalid Signer EKU | Invalid Signer EKU |
2513 | Signer Expired | Signer Expired |
2514 | Revoked As Of | Revoked As Of |
2515 | Certificate OCSP | Certificate OCSP |
2516 | Parse ASN.1 file | Parse ASN.1 file |
2517 | File [type] | File [type] |
2518 | DECODE ERROR! | DECODE ERROR! |
2519 | Unique container name | Unique container name |
2520 | To be backed up | To be backed up |
2521 | Expected Base CRL | Expected Base CRL |
2522 | Expected Delta CRL | Expected Delta CRL |
2523 | Default Container | Default Container |
2524 | End Of Content | End Of Content |
2525 | Install a Certification Authority on current machine | Install a Certification Authority on current machine |
2526 | Manage smart card root certificates | Manage smart card root certificates |
2527 | Root Certificate Provisioning | Root Certificate Provisioning |
2528 | %1 [%5][InputRootFile] [ReaderName] %2 %6OutputRootFile [ReaderName] %3 [InputRootFile | ReaderName] %4 [ReaderName] |
%1 [%5][InputRootFile] [ReaderName] %2 %6OutputRootFile [ReaderName] %3 [InputRootFile | ReaderName] %4 [ReaderName] |
2529 | Use hash of data as signature | Use hash of data as signature |
2530 | Simple container name | Simple container name |
2531 | Cipher Algorithms | Cipher Algorithms |
2532 | Hash Algorithms | Hash Algorithms |
2533 | Asymmetric Encryption Algorithms | Asymmetric Encryption Algorithms |
2534 | Secret Agreement Algorithms | Secret Agreement Algorithms |
2535 | Signature Algorithms | Signature Algorithms |
2536 | RNG Algorithms | RNG Algorithms |
2537 | Display COM registry information | Display COM registry information |
2538 | [ClassId | ProgId | DllName | *] | [ClassId | ProgId | DllName | *] |
2539 | Yes | Yes |
2540 | No | No |
2541 | Allow | Allow |
2542 | Deny | Deny |
2543 | CA Administrator | CA Administrator |
2544 | Certificate Manager | Certificate Manager |
2546 | Enroll | Enroll |
2547 | Auto-Enroll | Auto-Enroll |
2548 | Full Control | Full Control |
2549 | Write | Write |
2550 | Administrator permissions are needed to use the selected options. Use an administrator command prompt to complete these tasks. | Administrator permissions are needed to use the selected options. Use an administrator command prompt to complete these tasks. |
2551 | The restored CA certificate has expired. Before restarting Active Directory Certificate Services you must renew the CA certificate. | The restored CA certificate has expired. Before restarting Active Directory Certificate Services you must renew the CA certificate. |
2552 | Create/delete web virtual roots for OCSP web proxy | Create/delete web virtual roots for OCSP web proxy |
2554 | The OCSP Web Proxy already exists. | The OCSP Web Proxy already exists. |
2555 | Name of Symmetric Key Algorithm with optional key length, example: AES,128 or 3DES | Name of Symmetric Key Algorithm with optional key length, example: AES,128 or 3DES |
2556 | SymmetricKeyAlgorithm[,KeyLength] | SymmetricKeyAlgorithm[,KeyLength] |
2557 | This verb has been restricted by Common Criteria. | This verb has been restricted by Common Criteria. |
2558 | The certification propagation service could not be contacted. Your root certificates may not be available for use. | The certification propagation service could not be contacted. Your root certificates may not be available for use. |
2559 | Content Encryption Algorithm: | Content Encryption Algorithm: |
2560 | Encode text without CR-LF characters | Encode text without CR-LF characters |
2561 | Write redirected output in Unicode | Write redirected output in Unicode |
2562 | Enumerate certificate stores | Enumerate certificate stores |
2563 | [\\MachineName] | [\\MachineName] |
2564 | MachineName -- remote machine name. | MachineName -- remote machine name. |
2565 | Use service certificate store | Use service certificate store |
2566 | Use Group Policy certificate store | Use Group Policy certificate store |
2567 | Install default certificate templates | Install default certificate templates |
2568 | CertificateStoreName -- Certificate store name. See -store. CertIdList -- comma separated list of Certificate or CRL match tokens. See -store's CertId description. PropertyInfFile -- INF file containing external properties: %1 %2 Add archived property, OR: %3 Remove archived property %4 "%5Friendly Name" ; Add friendly name property %6 Add custom hexadecimal property %7 %8 %9 Add Key Provider Information property %10Container Name%11 %12 %13 %14 %15 %16 Add Enhanced Key Usage property %17 %18 |
CertificateStoreName -- Certificate store name. See -store. CertIdList -- comma separated list of Certificate or CRL match tokens. See -store's CertId description. PropertyInfFile -- INF file containing external properties: %1 %2 Add archived property, OR: %3 Remove archived property %4 "%5Friendly Name" ; Add friendly name property %6 Add custom hexadecimal property %7 %8 %9 Add Key Provider Information property %10Container Name%11 %12 %13 %14 %15 %16 Add Enhanced Key Usage property %17 %18 |
2569 | Dump smart card file information | Dump smart card file information |
2570 | [ReaderName] | [ReaderName] |
2571 | Cannot read file | Cannot read file |
2572 | Successfully uncompressed | Successfully uncompressed |
2573 | Cannot uncompress file | Cannot uncompress file |
2574 | Failed to authenticate to card | Failed to authenticate to card |
2575 | Successfully authenticated to card | Successfully authenticated to card |
2576 | Reading directory | Reading directory |
2577 | Enter PIN: | Enter PIN: |
2578 | Each restriction consists of a column name, a relational operator and a constant integer, string or date. One column name may be preceded by a plus or minus sign to indicate the sort order. Examples: %1 %2 %3 |
Each restriction consists of a column name, a relational operator and a constant integer, string or date. One column name may be preceded by a plus or minus sign to indicate the sort order. Examples: %1 %2 %3 |
2579 | Provider Aliases: | Provider Aliases: |
2580 | Provider Module: | Provider Module: |
2581 | Display CNG Configuration | Display CNG Configuration |
2582 | Display Enrollment Policy CAs | Display Enrollment Policy CAs |
2583 | [CAName | TemplateName] | [CAName | TemplateName] |
2584 | Manage Site Names for CAs | Manage Site Names for CAs |
2585 | [%1] [SiteName] %2 [SiteName] %3 |
[%1] [SiteName] %2 [SiteName] %3 |
2586 | Out of date | Out of date |
2587 | Successfully updated | Successfully updated |
2588 | Update error | Update error |
2589 | Asymmetric Algorithms | Asymmetric Algorithms |
2590 | All Algorithms | All Algorithms |
2591 | Enrollment Policy Server List | Enrollment Policy Server List |
2592 | Select Policy Server | Select Policy Server |
2593 | Default | Default |
2594 | --- ATR: | --- ATR: |
2595 | Display AD templates | Display AD templates |
2597 | Display AD CAs | Display AD CAs |
2598 | [CAName] | [CAName] |
2599 | Display Enrollment Policy | Display Enrollment Policy |
2600 | Policy Server URL or Id | Policy Server URL or Id |
2601 | URLOrId | URLOrId |
2602 | DistinguishedName | DistinguishedName |
2603 | type -- numeric CRYPT_STRING_* decoding type | type -- numeric CRYPT_STRING_* decoding type |
2604 | type -- numeric CRYPT_STRING_* encoding type | type -- numeric CRYPT_STRING_* encoding type |
2605 | ERROR: Could not verify certificate public key against private key | ERROR: Could not verify certificate public key against private key |
2606 | Enrollment Policy Url | Enrollment Policy Url |
2607 | Enrollment Policy Id | Enrollment Policy Id |
2609 | Enrollment Server Url | Enrollment Server Url |
2610 | Request Id | Request Id |
2611 | Authentication | Authentication |
2612 | Url Flags | Url Flags |
2613 | Add an Enrollment Server application | Add an Enrollment Server application |
2614 | %1 | %3 | %5 [%10] [%11] | %1 | %3 | %5 [%10] [%11] |
2615 | Add an Enrollment Server application and application pool if necessary, for the specified CA. This command does not install binaries or packages One of the following authentication methods with which the client connects to a Certificate Enrollment Server %1 -- %2 %3 -- %4 %5 -- %6 %10 -- Only renewal requests can be submitted to this CA via this URL %11 -- Allows use of a certificate that has no associated account in the AD. This applies only with ClientCertificate and AllowRenewalsOnly mode. |
Add an Enrollment Server application and application pool if necessary, for the specified CA. This command does not install binaries or packages One of the following authentication methods with which the client connects to a Certificate Enrollment Server %1 -- %2 %3 -- %4 %5 -- %6 %10 -- Only renewal requests can be submitted to this CA via this URL %11 -- Allows use of a certificate that has no associated account in the AD. This applies only with ClientCertificate and AllowRenewalsOnly mode. |
2616 | Delete an Enrollment Server application | Delete an Enrollment Server application |
2617 | %1 | %3 | %5 | %1 | %3 | %5 |
2618 | Delete an Enrollment Server application and application pool if necessary, for the specified CA. This command does not remove binaries or packages One of the following authentication methods with which the client connects to a Certificate Enrollment Server %1 -- %2 %3 -- %4 %5 -- %6. |
Delete an Enrollment Server application and application pool if necessary, for the specified CA. This command does not remove binaries or packages One of the following authentication methods with which the client connects to a Certificate Enrollment Server %1 -- %2 %3 -- %4 %5 -- %6. |
2619 | Install succeeded with warnings: %ws | Install succeeded with warnings: %ws |
2620 | UnInstall succeeded with warnings: %ws | UnInstall succeeded with warnings: %ws |
2621 | Smart Card Serial Number: | Smart Card Serial Number: |
2622 | ObjectId | ObjectId |
2623 | ObjectIds | ObjectIds |
2628 | CA | CA |
2629 | CAs | CAs |
2630 | Use anonymous SSL credentials | Use anonymous SSL credentials |
2631 | Use Kerberos SSL credentials | Use Kerberos SSL credentials |
2632 | Use X.509 Certificate SSL credentials | Use X.509 Certificate SSL credentials |
2633 | ClientCertId | ClientCertId |
2634 | Use named account for SSL credentials | Use named account for SSL credentials |
2635 | UserName | UserName |
2636 | Conflicting SSL credentials | Conflicting SSL credentials |
2638 | Select client authentication certificate | Select client authentication certificate |
2639 | CA locale name | CA locale name |
2640 | Display, add or delete enrollment server URLs associated with a CA | Display, add or delete enrollment server URLs associated with a CA |
2641 | [URL AuthenticationType [Priority] [Modifiers]] URL %9 |
[URL AuthenticationType [Priority] [Modifiers]] URL %9 |
2642 | AuthenticationType -- Specify one of the following client authentication methods while adding a URL %1 -- %2 %3 -- %4 %5 -- %6 %7 -- %8. %9 -- deletes the specified URL associated with the CA. Priority -- defaults to '1' if not specified when adding a URL. Modifiers -- Comma separated list of one or more of the following: %10 -- Only renewal requests can be submitted to this CA via this URL %11 -- Allows use of a certificate that has no associated account in the AD. This applies only with ClientCertificate and AllowRenewalsOnly Mode. |
AuthenticationType -- Specify one of the following client authentication methods while adding a URL %1 -- %2 %3 -- %4 %5 -- %6 %7 -- %8. %9 -- deletes the specified URL associated with the CA. Priority -- defaults to '1' if not specified when adding a URL. Modifiers -- Comma separated list of one or more of the following: %10 -- Only renewal requests can be submitted to this CA via this URL %11 -- Allows use of a certificate that has no associated account in the AD. This applies only with ClientCertificate and AllowRenewalsOnly Mode. |
2643 | Priority | Priority |
2644 | Display or delete Enrollment Policy Cache entries | Display or delete Enrollment Policy Cache entries |
2646 | %1 -- delete Policy Server cache entries %2 -- use %2 to delete all cache entries. |
%1 -- delete Policy Server cache entries %2 -- use %2 to delete all cache entries. |
2647 | NextUpdate | NextUpdate |
2648 | LastUpdate | LastUpdate |
2650 | Id | Id |
2652 | Path | Path |
2654 | AllowUntrustedCA | AllowUntrustedCA |
2656 | Cache file exists | Cache file exists |
2657 | Deleting cache entry! | Deleting cache entry! |
2658 | No cache file | No cache file |
2659 | Url does NOT match cache file name | Url does NOT match cache file name |
2660 | Cache Directory | Cache Directory |
2661 | Orphaned Cache file | Orphaned Cache file |
2662 | Display, add or delete Credential Store entries | Display, add or delete Credential Store entries |
2663 | [URL] URL %3 URL %1 |
[URL] URL %3 URL %1 |
2664 | URL -- target URL. Use %4 to match all entries Use %5 to match a URL prefix %3 -- add a Credential Store entry SSL credentials must also be specified %1 -- delete Credential Store entries %2 -- use %2 to overwrite an entry or to delete multiple entries. |
URL -- target URL. Use %4 to match all entries Use %5 to match a URL prefix %3 -- add a Credential Store entry SSL credentials must also be specified %1 -- delete Credential Store entries %2 -- use %2 to overwrite an entry or to delete multiple entries. |
2665 | Enforce UTF-8 | Enforce UTF-8 |
2666 | Name | Name |
2671 | Credential | Credential |
2672 | Credentials | Credentials |
2673 | Enrollment Certificate | Enrollment Certificate |
2674 | Enrollment Username/Password | Enrollment Username/Password |
2675 | SchemaId | SchemaId |
2676 | Properties | Properties |
2678 | Setting | Setting |
2679 | Indefinite Length | Indefinite Length |
2680 | %1 -- Delete all keys on the smart card | %1 -- Delete all keys on the smart card |
2681 | ================ Url %d ================ | ================ Url %d ================ |
2682 | ERROR: Container name inconsistent | ERROR: Container name inconsistent |
2683 | For selection U/I, use %3%1 %3 For all Policy Servers, use %3%1 %2 |
For selection U/I, use %3%1 %3 For all Policy Servers, use %3%1 %2 |
2684 | For selection U/I, use %2%1 %2 | For selection U/I, use %2%1 %2 |
2686 | WARNING: CA certificate expires before registry validity period. | WARNING: CA certificate expires before registry validity period. |
2687 | Added | Added |
2688 | Anonymous | Anonymous |
2689 | Kerberos | Kerberos |
2691 | Username | Username |
2693 | Web Enrollment Servers: | Web Enrollment Servers: |
2694 | Matches | Matches |
2695 | You must install the Certificate Enrollment Web Service using Server Manager or ServerManagerCmd.exe before adding an enrollment server application. | You must install the Certificate Enrollment Web Service using Server Manager or ServerManagerCmd.exe before adding an enrollment server application. |
2696 | To import a foreign certificate, see %ws | To import a foreign certificate, see %ws |
2697 | Enrollment Server Authentication | Enrollment Server Authentication |
2698 | Add a Policy Server application | Add a Policy Server application |
2699 | %1 | %3 | %5 [%10] | %1 | %3 | %5 [%10] |
2700 | Add a Policy Server application and application pool if necessary. This command does not install binaries or packages One of the following authentication methods with which the client connects to a Certificate Policy Server %1 -- %2 %3 -- %4 %5 -- %6 %10 -- Only policies that contain KeyBasedRenewal templates are returned to the client. This flag applies only for UserName and ClientCertificate authentication. |
Add a Policy Server application and application pool if necessary. This command does not install binaries or packages One of the following authentication methods with which the client connects to a Certificate Policy Server %1 -- %2 %3 -- %4 %5 -- %6 %10 -- Only policies that contain KeyBasedRenewal templates are returned to the client. This flag applies only for UserName and ClientCertificate authentication. |
2701 | Delete a Policy Server application | Delete a Policy Server application |
2703 | Delete a Policy Server application and application pool if necessary. This command does not remove binaries or packages One of the following authentication methods with which the client connects to a Certificate Policy Server %1 -- %2 %3 -- %4 %5 -- %6 %10 -- KeyBasedRenewal policy server. |
Delete a Policy Server application and application pool if necessary. This command does not remove binaries or packages One of the following authentication methods with which the client connects to a Certificate Policy Server %1 -- %2 %3 -- %4 %5 -- %6 %10 -- KeyBasedRenewal policy server. |
2704 | You must install the Certificate Enrollment Policy Web Service using Server Manager or ServerManagerCmd.exe before adding a policy server application. | You must install the Certificate Enrollment Policy Web Service using Server Manager or ServerManagerCmd.exe before adding a policy server application. |
2705 | ERROR: Signed signature algorithm conflict | ERROR: Signed signature algorithm conflict |
2706 | ERROR: Signed signature parameter conflict | ERROR: Signed signature parameter conflict |
2707 | AllowRenewalsOnly | AllowRenewalsOnly |
2708 | AllowKeyBasedRenewal | AllowKeyBasedRenewal |
2709 | Write output file in Unicode | Write output file in Unicode |
2710 | Subject Template OIDs | Subject Template OIDs |
2711 | ERROR: The password you specified is incorrect. However, you have permission to access the PFX without a password. Re-run the command without specifying a password. |
ERROR: The password you specified is incorrect. However, you have permission to access the PFX without a password. Re-run the command without specifying a password. |
2712 | PFX protected password: "%ws" |
PFX protected password: "%ws" |
2713 | The PFX protected password is incorrectly stored in the PFX file. It is: |
The PFX protected password is incorrectly stored in the PFX file. It is: |
2714 | PFX protected to: |
PFX protected to: |
2715 | AND | AND |
2716 | OR | OR |
2717 | Successfully deleted | Successfully deleted |
2718 | Already deleted | Already deleted |
2719 | Set, Verify or Delete CA site names Use the %4 option to target a single CA (Default is all CAs) SiteName is allowed only when targeting a single CA Use %5 to override validation errors for the specified SiteName Use %5 to delete all CA site names |
Set, Verify or Delete CA site names Use the %4 option to target a single CA (Default is all CAs) SiteName is allowed only when targeting a single CA Use %5 to override validation errors for the specified SiteName Use %5 to delete all CA site names |
2720 | Specified and Detected site names conflict | Specified and Detected site names conflict |
2721 | Existing | Existing |
2722 | Detected | Detected |
2723 | SKIPPED | SKIPPED |
2724 | [MaxSecondsToWait | CAMachineList] | [MaxSecondsToWait | CAMachineList] |
2725 | CAMachineList -- Comma-separated CA machine name list For a single machine, use a terminating comma Displays the site cost for each CA machine |
CAMachineList -- Comma-separated CA machine name list For a single machine, use a terminating comma Displays the site cost for each CA machine |
2726 | ERROR: missing key association property | ERROR: missing key association property |
2727 | Name Hash(%ws): | Name Hash(%ws): |
2728 | Signature Hash: | Signature Hash: |
2729 | Cached Key Identifier: | Cached Key Identifier: |
2730 | No container name match | No container name match |
2731 | ERROR: wrong KeyId! | ERROR: wrong KeyId! |
2732 | Found exact match | Found exact match |
2733 | No KeyId match | No KeyId match |
2734 | WARNING: different container name! | WARNING: different container name! |
2735 | Comma separated SAM Name/SID List | Comma separated SAM Name/SID List |
2736 | SAMNameAndSIDList | SAMNameAndSIDList |
2738 | Decrypted | Decrypted |
2739 | Full query results | Full query results |
2740 | Full Results | Full Results |
2741 | Key Query | Key Query |
2742 | Key Recovery Errors | Key Recovery Errors |
2743 | Key Blob | Key Blob |
2744 | Key Handle | Key Handle |
2745 | Key State | Key State |
2748 | No archived key to recover. | No archived key to recover. |
2749 | Recovery | Recovery |
2750 | Retrieval | Retrieval |
2751 | end | end |
2752 | start | start |
2753 | Queries | Queries |
2754 | Query matches | Query matches |
2755 | Recovered | Recovered |
2756 | Recovered Certificates | Recovered Certificates |
2757 | Recovered key files | Recovered key files |
2758 | Recovery blobs retrieved | Recovery blobs retrieved |
2759 | Recovery Candidates | Recovery Candidates |
2760 | Recovery Errors | Recovery Errors |
2761 | Recovery Result | Recovery Result |
2762 | Retrieved key files | Retrieved key files |
2763 | Retrieved Keys | Retrieved Keys |
2764 | Retrieved, but not Recovered | Retrieved, but not Recovered |
2765 | Rows | Rows |
2766 | Rows (no key) | Rows (no key) |
2767 | Script file | Script file |
2768 | State | State |
2769 | Token Query | Token Query |
2770 | Total Queries | Total Queries |
2772 | Smart Card PIN | Smart Card PIN |
2773 | Missing output script filename. | Missing output script filename. |
2774 | Missing output file base name. | Missing output file base name. |
2775 | Use %ws to delete all entries. | Use %ws to delete all entries. |
2776 | Error saving key data | Error saving key data |
2777 | One of the following Key Recovery Agent certificates is required to recover the key: | One of the following Key Recovery Agent certificates is required to recover the key: |
2779 | Private key is NOT plain text exportable | Private key is NOT plain text exportable |
2780 | Recovery blob file | Recovery blob file |
2781 | Verify AuthRoot or Disallowed Certificates CTL | Verify AuthRoot or Disallowed Certificates CTL |
2782 | CTLObject [CertDir] [CertFile] | CTLObject [CertDir] [CertFile] |
2783 | CTLObject -- Identifies the CTL to verify: %1 -- read AuthRoot CAB and matching certificates from the URL cache. Use %5 to download from Windows Update instead. %2 -- read Disallowed Certificates CAB and disallowed certificate store file from the URL cache. Use %5 to download from Windows Update instead. %7 -- read PinRules CAB from the URL cache. Use %5 to download from Windows Update instead. %3 -- read registry cached AuthRoot CTL. Use with %5 and a CertFile that is not already trusted to force updating the registry cached AuthRoot and Disallowed Certificate CTLs. %4 -- read registry cached Disallowed Certificates CTL. %5 has the same behavior as with %3. %8 -- read registry cached PinRules CTL. %5 has the same behavior as with %7. CTLFileName -- file or %6 path to CTL or CAB CertDir -- folder containing certificates matching CTL entries An %6 folder path must end with a path separator. If a folder is not specified with %3 or %4, multiple locations will be searched for matching certificates: local certificate stores, crypt32.dll resources and the local URL cache. Use %5 to download from Windows Update when necessary. Otherwise defaults to the same folder or web site as the CTLObject. CertFile -- file containing certificate(s) to verify. Certificates will be matched against CTL entries, and match results displayed. Suppresses most of the default output. |
CTLObject -- Identifies the CTL to verify: %1 -- read AuthRoot CAB and matching certificates from the URL cache. Use %5 to download from Windows Update instead. %2 -- read Disallowed Certificates CAB and disallowed certificate store file from the URL cache. Use %5 to download from Windows Update instead. %7 -- read PinRules CAB from the URL cache. Use %5 to download from Windows Update instead. %3 -- read registry cached AuthRoot CTL. Use with %5 and a CertFile that is not already trusted to force updating the registry cached AuthRoot and Disallowed Certificate CTLs. %4 -- read registry cached Disallowed Certificates CTL. %5 has the same behavior as with %3. %8 -- read registry cached PinRules CTL. %5 has the same behavior as with %7. CTLFileName -- file or %6 path to CTL or CAB CertDir -- folder containing certificates matching CTL entries An %6 folder path must end with a path separator. If a folder is not specified with %3 or %4, multiple locations will be searched for matching certificates: local certificate stores, crypt32.dll resources and the local URL cache. Use %5 to download from Windows Update when necessary. Otherwise defaults to the same folder or web site as the CTLObject. CertFile -- file containing certificate(s) to verify. Certificates will be matched against CTL entries, and match results displayed. Suppresses most of the default output. |
2784 | ERROR: Signature chain certificate not present in image: %ws | ERROR: Signature chain certificate not present in image: %ws |
2785 | ERROR: Extra signature chain certificate in image: %ws | ERROR: Extra signature chain certificate in image: %ws |
2786 | ERROR: Extra application policy: %ws | ERROR: Extra application policy: %ws |
2787 | ERROR: Missing application policy: %ws | ERROR: Missing application policy: %ws |
2788 | Result: Certificate exact match found | Result: Certificate exact match found |
2789 | Result: Certificate match found | Result: Certificate match found |
2790 | Result: Certificate match NOT found | Result: Certificate match NOT found |
2791 | Result: Certificate public key collision | Result: Certificate public key collision |
2792 | OCSP URLs | OCSP URLs |
2793 | AIA URLs | AIA URLs |
2794 | CDP URLs | CDP URLs |
2795 | Certificates that do not belong to the targeted CTL: %u | Certificates that do not belong to the targeted CTL: %u |
2796 | Default is to display DC certificates without verification | Default is to display DC certificates without verification |
2797 | %ws failed with error: | %ws failed with error: |
2798 | Loading | Loading |
2799 | Cert[%u]: references: | Cert[%u]: references: |
2800 | CTL[%u]: matches: | CTL[%u]: matches: |
2801 | Less than %ws | Less than %ws |
2802 | Strong Signature verification not supported | Strong Signature verification not supported |
2803 | Strong Signature error: | Strong Signature error: |
2804 | Legacy Signature error: | Legacy Signature error: |
2805 | Counter Signed!: | Counter Signed!: |
2806 | Authenticated attribute!: | Authenticated attribute!: |
2807 | Critical Extension | Critical Extension |
2808 | %u of %u entries present | %u of %u entries present |
2809 | Certificates to match: | Certificates to match: |
2810 | Legacy signatures: | Legacy signatures: |
2811 | Strong signatures: | Strong signatures: |
2812 | Missing Enhanced Key Usage property | Missing Enhanced Key Usage property |
2813 | PIN | PIN |
2814 | Signing certificate | Signing certificate |
2815 | CertId | CertId |
2816 | Sync with Windows Update | Sync with Windows Update |
2817 | DestinationDir | DestinationDir |
2818 | DestinationDir -- folder to copy to. The following files are downloaded from Windows Update: %1 - contains CTL of Third Party Roots. %2 - contains CTL of Disallowed Certificates. %3 - Disallowed Certificates. %4 - contains CTL of SSL Pin Rules. %5 - Pin Rules Certificates. .crt - Third Party Roots. |
DestinationDir -- folder to copy to. The following files are downloaded from Windows Update: %1 - contains CTL of Third Party Roots. %2 - contains CTL of Disallowed Certificates. %3 - Disallowed Certificates. %4 - contains CTL of SSL Pin Rules. %5 - Pin Rules Certificates. .crt - Third Party Roots. |
2819 | Generate SST from Windows Update | Generate SST from Windows Update |
2820 | SSTFile | SSTFile |
2821 | SSTFile -- %1 file to be created. The generated %1 file contains the Third Party Roots downloaded from Windows Update. |
SSTFile -- %1 file to be created. The generated %1 file contains the Third Party Roots downloaded from Windows Update. |
2822 | Updating | Updating |
2823 | "%ws" exists. Use "%ws" option to force overwrite. | "%ws" exists. Use "%ws" option to force overwrite. |
2824 | Warning! Encountered the following no longer trusted roots: | Warning! Encountered the following no longer trusted roots: |
2825 | Use "%ws" options to force the delete of the above "%ws" files. Was "%ws" updated? If yes, consider deferring the delete until all clients have been updated. |
Use "%ws" options to force the delete of the above "%ws" files. Was "%ws" updated? If yes, consider deferring the delete until all clients have been updated. |
2826 | Enabling temporary auto root update. | Enabling temporary auto root update. |
2827 | Restoring disable of auto root update. | Restoring disable of auto root update. |
2828 | Cannot enable auto root update in the registry. Are you running as elevated administrator? |
Cannot enable auto root update in the registry. Are you running as elevated administrator? |
2829 | No Updates! | No Updates! |
2830 | Added %d files. Updated %d files. | Added %d files. Updated %d files. |
2831 | Updated SST file. | Updated SST file. |
2832 | Display Trusted Platform Module Information | Display Trusted Platform Module Information |
2833 | CA Exchange Cert Hash | CA Exchange Cert Hash |
2834 | Verify Key Attestation Request | Verify Key Attestation Request |
2835 | RequestFile | RequestFile |
2836 | Manufacturer Endorsement Key Certificates | Manufacturer Endorsement Key Certificates |
2837 | Other Endorsement Key Certificates | Other Endorsement Key Certificates |
2838 | Challenge Pending | Challenge Pending |
2839 | Challenge Satisfied | Challenge Satisfied |
2840 | Trust On Use | Trust On Use |
2841 | Trust Endorsement Certificate | Trust Endorsement Certificate |
2842 | Trust Endorsement Key | Trust Endorsement Key |
2843 | Nonce digest | Nonce digest |
2844 | Attestation successful. | Attestation successful. |
2845 | Secret | Secret |
2846 | Decrypted EKInfo | Decrypted EKInfo |
2847 | EK Public Key | EK Public Key |
2848 | Activation | Activation |
2849 | Decrypted Secret | Decrypted Secret |
2850 | Activation successful. | Activation successful. |
2851 | Writing | Writing |
2852 | Cannot fetch EK public key | Cannot fetch EK public key |
2853 | EK KeyId(%ws): | EK KeyId(%ws): |
2854 | %1 | %1 |
2855 | Numeric SID | Numeric SID |
2856 | %2 -- Local System %3 -- Local Service %4 -- Network Service |
%2 -- Local System %3 -- Local Service %4 -- Network Service |
2857 | Hash algorithms: | Hash algorithms: |
2858 | No Manufacturer Endorsement Key Certificates | No Manufacturer Endorsement Key Certificates |
2859 | No Other Endorsement Key Certificates | No Other Endorsement Key Certificates |
2860 | Resource | Resource |
2861 | Updated DS Template and security descriptor | Updated DS Template and security descriptor |
2862 | Modifiers: | Modifiers: |
2863 | End Entity certificate only | End Entity certificate only |
2864 | Exclude root certificate | Exclude root certificate |
2865 | Certificates: Not Encrypted | Certificates: Not Encrypted |
2866 | Enabling temporary Pin Rules auto update. | Enabling temporary Pin Rules auto update. |
2867 | Restoring disable of Pin Rules auto update. | Restoring disable of Pin Rules auto update. |
2868 | Cannot enable Pin Rules auto update in the registry. Are you running as elevated administrator? |
Cannot enable Pin Rules auto update in the registry. Are you running as elevated administrator? |
2869 | Add ECC Curve | Add ECC Curve |
2870 | [CurveClass:]CurveName CurveParameters [CurveOID] [CurveType] | [CurveClass:]CurveName CurveParameters [CurveOID] [CurveType] |
2871 | CurveClass: -- ECC Curve Class Type: - %1 [Default] - %2 - %3 CurveName -- ECC Curve Name CurveParameters -- ECC Curve Parameters. It is one of the following - Certificate Filename Containing ASN Encoded Parameters - File Containing ASN Encoded Parameters CurveOID -- ECC Curve OID. It is one of the following: - Certificate Filename Containing ASN Encoded OID - Explicit ECC Curve OID CurveType -- Schannel ECC NamedCurve Point (Numeric) |
CurveClass: -- ECC Curve Class Type: - %1 [Default] - %2 - %3 CurveName -- ECC Curve Name CurveParameters -- ECC Curve Parameters. It is one of the following - Certificate Filename Containing ASN Encoded Parameters - File Containing ASN Encoded Parameters CurveOID -- ECC Curve OID. It is one of the following: - Certificate Filename Containing ASN Encoded OID - Explicit ECC Curve OID CurveType -- Schannel ECC NamedCurve Point (Numeric) |
2872 | Delete ECC Curve | Delete ECC Curve |
2873 | CurveName | CurveOID | CurveName | CurveOID |
2874 | CurveName -- ECC Curve Name CurveOID -- ECC Curve OID |
CurveName -- ECC Curve Name CurveOID -- ECC Curve OID |
2875 | Display ECC Curve | Display ECC Curve |
2876 | [CurveName | CurveOID] | [CurveName | CurveOID] |
2877 | CurveName -- ECC Curve name CurveOID -- ECC Curve OID |
CurveName -- ECC Curve name CurveOID -- ECC Curve OID |
2878 | ECC Curve Parameters | ECC Curve Parameters |
2879 | CNG Parameters Blob | CNG Parameters Blob |
2880 | ASN Parameters Blob | ASN Parameters Blob |
2881 | Public Key Length | Public Key Length |
2900 | Generate Pin Rules CTL | Generate Pin Rules CTL |
2901 | XMLFile CTLFile [SSTFile [QueryFilesPrefix]] | XMLFile CTLFile [SSTFile [QueryFilesPrefix]] |
2902 | XMLFile -- input XML file to be parsed. CTLFile -- output CTL file to be generated. SSTFile -- optional %1 file to be created. The %1 file contains all of the certificates used for pinning. QueryFilesPrefix -- optional %2 and %3 files to be created for database query. The QueryFilesPrefix string is prepended to each created file. The %2 file contains rule name, domain rows. The %3 file contains rule name, key SHA256 thumbprint rows. |
XMLFile -- input XML file to be parsed. CTLFile -- output CTL file to be generated. SSTFile -- optional %1 file to be created. The %1 file contains all of the certificates used for pinning. QueryFilesPrefix -- optional %2 and %3 files to be created for database query. The QueryFilesPrefix string is prepended to each created file. The %2 file contains rule name, domain rows. The %3 file contains rule name, key SHA256 thumbprint rows. |
2903 | SSL Policy matching ServerName | SSL Policy matching ServerName |
2904 | ServerName | ServerName |
2905 | Warning = Unable to verify downloaded Pin Rules on this version of Windows. Will continue. Recommend running on a later version of Windows. |
Warning = Unable to verify downloaded Pin Rules on this version of Windows. Will continue. Recommend running on a later version of Windows. |
2911 | Warning | Warning |
2913 | Encoding | Encoding |
2914 | Parsing | Parsing |
2915 | Matching | Matching |
2916 | Skipping | Skipping |
2917 | Getting | Getting |
2918 | Add Existing | Add Existing |
2919 | Add New | Add New |
2920 | Removing Duplicate | Removing Duplicate |
2921 | Skipping Element | Skipping Element |
2922 | Only Allow | Only Allow |
2923 | Elements | Elements |
2924 | Element Counts | Element Counts |
2925 | Duplicate Element | Duplicate Element |
2926 | Negative duration value | Negative duration value |
2927 | Not supported years or months duration value | Not supported years or months duration value |
2928 | Write Query Files | Write Query Files |
2929 | XML Parser Error Details | XML Parser Error Details |
2930 | Save To SST File | Save To SST File |
2931 | Finding Element: %ws | Finding Element: %ws |
2932 | Query Element: %ws | Query Element: %ws |
2933 | Getting %ws Element Count | Getting %ws Element Count |
2934 | Parsing Element: %ws Attributes | Parsing Element: %ws Attributes |
2935 | Duplicate = Removing %ws Matching %ws | Duplicate = Removing %ws Matching %ws |
2936 | Missing from other %ws Elements | Missing from other %ws Elements |
2937 | No %ws Elements | No %ws Elements |
2938 | Opening = Element: %ws %ws: %ws | Opening = Element: %ws %ws: %ws |
2939 | Enumerating = Element: %ws %ws: %ws | Enumerating = Element: %ws %ws: %ws |
2940 | Duplicate Attribute Value = %ws: %ws in Elements: %ws and %ws | Duplicate Attribute Value = %ws: %ws in Elements: %ws and %ws |
2941 | Normalize Attribute = Element: %ws Attribute: %ws: Value: %ws to %ws | Normalize Attribute = Element: %ws Attribute: %ws: Value: %ws to %ws |
2942 | Failed = Duplicate Attribute %ws: %hs in Element: %ws | Failed = Duplicate Attribute %ws: %hs in Element: %ws |
2943 | Failed = Element: %ws has no %ws Elements | Failed = Element: %ws has no %ws Elements |
2944 | Warning = Element: %ws has no %ws Elements | Warning = Element: %ws has no %ws Elements |
2945 | Failed = Missing Element: %ws | Failed = Missing Element: %ws |
2946 | Failed = Element: %ws has invalid Attribute: %ws | Failed = Element: %ws has invalid Attribute: %ws |
2947 | Failed = Element: %ws Attribute: %ws has invalid Value: %ws | Failed = Element: %ws Attribute: %ws has invalid Value: %ws |
2948 | Failed = Element: %ws has invalid Attribute: %ws with Reason: | Failed = Element: %ws has invalid Attribute: %ws with Reason: |
2949 | Failed = Element: %ws Attribute: %ws has invalid Value: %ws with Reason: | Failed = Element: %ws Attribute: %ws has invalid Value: %ws with Reason: |
2950 | Failed = Element: %ws is missing Attribute: %ws | Failed = Element: %ws is missing Attribute: %ws |
2951 | Duplicate Attribute Value %ws: %hs in Elements: %ws and %ws | Duplicate Attribute Value %ws: %hs in Elements: %ws and %ws |
2952 | Warning = No %ws certificates to save to SST File | Warning = No %ws certificates to save to SST File |
2953 | AlternateStorageLocation | AlternateStorageLocation |
2954 | AIK Public Key | AIK Public Key |
2955 | AIK KeyId(%ws): | AIK KeyId(%ws): |
2956 | Download OCSP Responses and Write to Directory | Download OCSP Responses and Write to Directory |
2957 | CertificateDir OcspDir [ThreadCount] [Modifiers] | CertificateDir OcspDir [ThreadCount] [Modifiers] |
2958 | CertificateDir -- directory of certificate, store and PFX files. OcspDir -- directory to write OCSP responses. ThreadCount -- optional maximum number of threads for concurrent downloading. Default is 10. Modifiers -- Comma separated list of one or more of the following: %1 -- Download once and exit %2 -- Read from OcspDir instead of writing By default, certutil won't exit and must be explicitly terminated. |
CertificateDir -- directory of certificate, store and PFX files. OcspDir -- directory to write OCSP responses. ThreadCount -- optional maximum number of threads for concurrent downloading. Default is 10. Modifiers -- Comma separated list of one or more of the following: %1 -- Download once and exit %2 -- Read from OcspDir instead of writing By default, certutil won't exit and must be explicitly terminated. |
2959 | Check certificate files in directory | Check certificate files in directory |
2960 | No Downloads! | No Downloads! |
2961 | Wait forever for downloads | Wait forever for downloads |
2962 | Failed = downloadOcsp option not supported on this version of Windows. | Failed = downloadOcsp option not supported on this version of Windows. |
2963 | With previous RemainingMinutes: %d downloaded new OCSP response with ThisUpdate: %ws NextUpdate: %ws | With previous RemainingMinutes: %d downloaded new OCSP response with ThisUpdate: %ws NextUpdate: %ws |
2964 | Open OCSP subject certificate file | Open OCSP subject certificate file |
2965 | Remove OCSP subject certificate file | Remove OCSP subject certificate file |
2966 | Add OCSP response file | Add OCSP response file |
2967 | Remove OCSP response file | Remove OCSP response file |
2968 | Waiting for %d download OCSP reponses to complete | Waiting for %d download OCSP reponses to complete |
2969 | Downloaded OCSP Responses | Downloaded OCSP Responses |
2970 | Milliseconds: %d ThisUpdate: %ws NextUpdate: %ws RemainingMinutes: %d | Milliseconds: %d ThisUpdate: %ws NextUpdate: %ws RemainingMinutes: %d |
2971 | Total: %d Downloaded: %d Warnings: %d Pending: %d Errors: %d Maximum Thread Count: %d | Total: %d Downloaded: %d Warnings: %d Pending: %d Errors: %d Maximum Thread Count: %d |
2972 | Error = Download OCSP response. %ws | Error = Download OCSP response. %ws |
2973 | Error = Write OCSP response file. %ws | Error = Write OCSP response file. %ws |
2974 | Error = Missing issuer certificate | Error = Missing issuer certificate |
2975 | Error = Open OCSP subject certificate file. %ws | Error = Open OCSP subject certificate file. %ws |
2976 | Error = Pending OCSP response download | Error = Pending OCSP response download |
2977 | Warning = No OCSP subject certificates in file | Warning = No OCSP subject certificates in file |
2978 | Warning = Duplicate OCSP response file | Warning = Duplicate OCSP response file |
2979 | Warning = OCSP not supported for certificate | Warning = OCSP not supported for certificate |
2980 | test passed | test passed |
2981 | test FAILED | test FAILED |
2982 | test skipped | test skipped |
2983 | Key Encryption Algorithm: | Key Encryption Algorithm: |
2984 | Encrypted Key: | Encrypted Key: |
2985 | [TaskName [SRKThumbprint]] | [TaskName [SRKThumbprint]] |
2986 | TaskName -- task to trigger %1 -- NGC Key Pregen task %2 -- NGC AIK certificate enrollment task. defaults to autoenrollment event. SRKThumbprint -- Thumprint of Storage Root Key |
TaskName -- task to trigger %1 -- NGC Key Pregen task %2 -- NGC AIK certificate enrollment task. defaults to autoenrollment event. SRKThumbprint -- Thumprint of Storage Root Key |
2987 | AIK Certificates | AIK Certificates |
2988 | No AIK Certificates | No AIK Certificates |
2989 | Reason: Privilege Withdrawn | Reason: Privilege Withdrawn |
2990 | Reason: AA Compromise | Reason: AA Compromise |
2991 | Cannot import private key | Cannot import private key |
2992 | count | count |
2993 | Cannot decrypt content | Cannot decrypt content |
2994 | Decrypted content | Decrypted content |
2995 | Unprotected attributes | Unprotected attributes |
2996 | Computed | Computed |
2997 | Iteration count | Iteration count |
2998 | Local Key Id: | Local Key Id: |
2999 | Invalid Template | Invalid Template |
3100 | PKCS Attributes: | PKCS Attributes: |
3101 | Verified Extended Validation (EV) Policies | Verified Extended Validation (EV) Policies |
3102 | Extended Validation Certificate | Extended Validation Certificate |
3103 | Strong signature verification | Strong signature verification |
3104 | Must chain to a Microsoft root | Must chain to a Microsoft root |
3105 | Must chain to a Microsoft test root | Must chain to a Microsoft test root |
3106 | Must chain to a Microsoft application root | Must chain to a Microsoft application root |
3107 | Enforce Extended Validation Policy | Enforce Extended Validation Policy |
3108 | Detached signature matches Public Key | Detached signature matches Public Key |
3109 | Generate HPKP header using certificates in specified file or directory | Generate HPKP header using certificates in specified file or directory |
3110 | CertFileOrDir MaxAge [ReportUri] [Modifiers] | CertFileOrDir MaxAge [ReportUri] [Modifiers] |
3111 | CertFileOrDir -- file or directory of certificates. Source of pin-sha256. MaxAge -- max-age value in seconds. ReportUri -- optional report-uri. Modifiers -- Comma separated list of one or more of the following: %1 -- append includeSubDomains. |
CertFileOrDir -- file or directory of certificates. Source of pin-sha256. MaxAge -- max-age value in seconds. ReportUri -- optional report-uri. Modifiers -- Comma separated list of one or more of the following: %1 -- append includeSubDomains. |
3112 | Error = Open certificate file. %ws | Error = Open certificate file. %ws |
3113 | Success = Open certificate file: %ws | Success = Open certificate file: %ws |
3114 | Skipping = Duplicate: %ws | Skipping = Duplicate: %ws |
3115 | Error = No certificates | Error = No certificates |
3116 | Registry Aliases: | Registry Aliases: |
3117 | Indirect key name | Indirect key name |
3118 | ================ Begin force NCrypt ================ | ================ Begin force NCrypt ================ |
3119 | ---------------- End force NCrypt ---------------- | ---------------- End force NCrypt ---------------- |
3120 | ================ Begin Passport Key ================ | ================ Begin Passport Key ================ |
3121 | ---------------- End Passport Key ---------------- | ---------------- End Passport Key ---------------- |
3122 | invoke CryptUI | invoke CryptUI |
3123 | File [%1] | File [%1] |
3124 | Thumbprint | Thumbprint |
4000 | Certificate Enrollment - Username/Password Credential | Certificate Enrollment - Username/Password Credential |
4001 | Certificate Enrollment - Certificate Credential | Certificate Enrollment - Certificate Credential |
4050 | Select Certification Authority | Select Certification Authority |
4051 | Select a Certification Authority to send the request. | Select a Certification Authority to send the request. |
52737 | Invalid Schema , Message Format Error from server. | Invalid Schema , Message Format Error from server. |
52738 | Server failed to authenticate the user. | Server failed to authenticate the user. |
52739 | User is not authorized to enroll. | User is not authorized to enroll. |
52742 | Unhandled exception from server. | Unhandled exception from server. |
52747 | Redirection is needed and redirected location is not a wellknown server | Redirection is needed and redirected location is not a wellknown server |
52748 | Discovery failed | Discovery failed |
52750 | Registration quota reached | Registration quota reached |
52751 | Operation successful but the machine requires a reboot | Operation successful but the machine requires a reboot |
52752 | The AIK certificate is not valid or trusted | The AIK certificate is not valid or trusted |
52753 | The attestation statement of the transport key is invalid | The attestation statement of the transport key is invalid |
52754 | Server returned a bad message error | Server returned a bad message error |
52755 | Tenant Id is not found in the token | Tenant Id is not found in the token |
52756 | User Sid is not found in the token | User Sid is not found in the token |
52757 | The device is required to be classic domain joined | The device is required to be classic domain joined |
52758 | Some join information cannot be read from the device | Some join information cannot be read from the device |
52763 | The device is not joined to AAD | The device is not joined to AAD |
52764 | The client timed out while waiting for a server response. | The client timed out while waiting for a server response. |
52770 | The token does not contain device ID | The token does not contain device ID |
52771 | The operation requires multi-factor authentication | The operation requires multi-factor authentication |
52772 | The specified user cannot be found | The specified user cannot be found |
52773 | Server is busy | Server is busy |
52774 | The NGC key is already registered | The NGC key is already registered |
52775 | The graph directory request is bad | The graph directory request is bad |
52776 | The graph request failed with replica unavailable | The graph request failed with replica unavailable |
52777 | The graph request was throttled by server | The graph request was throttled by server |
52778 | The graph request was denied | The graph request was denied |
52779 | TPM lockout or some other crypto layer issue. | TPM lockout or some other crypto layer issue. |
52780 | The device key is missing. | The device key is missing. |
52781 | The web server returned an error (non 200) | The web server returned an error (non 200) |
52782 | The web server returned success, but no data | The web server returned success, but no data |
52784 | The AAD Cloud AP Plugin does not have the requested PRT | The AAD Cloud AP Plugin does not have the requested PRT |
52812 | There is no core windows for the current thread. | There is no core windows for the current thread. |
52813 | Unable to obtain user token | Unable to obtain user token |
52814 | Failed to recieve user creds input | Failed to recieve user creds input |
52815 | AAD token request was cancelled by user | AAD token request was cancelled by user |
52816 | Device is not joined | Device is not joined |
53225 | Server response message is invalid | Server response message is invalid |
53226 | Server failed to authorize user or device. | Server failed to authorize user or device. |
53227 | Server response http status is unexpected | Server response http status is unexpected |
53229 | The request sent to the server was invalid. | The request sent to the server was invalid. |
53230 | Attestation failed | Attestation failed |
53231 | The AIK certificate is no longer valid. | The AIK certificate is no longer valid. |
53232 | There is no key registered for the user. | There is no key registered for the user. |
53233 | There is no UPN in the token. | There is no UPN in the token. |
53234 | The general server side directory error. | The general server side directory error. |
53235 | The device specified in the request was not found in the directory. | The device specified in the request was not found in the directory. |
53236 | The device is not ready to provide a CXH scenario Id for NGC registration. | The device is not ready to provide a CXH scenario Id for NGC registration. |
53238 | Failed to enroll for an NGC cert because there is NO Enterprise SSO. | Failed to enroll for an NGC cert because there is NO Enterprise SSO. |
56836 | User has no permission on the cert template or CA unreachable. | User has no permission on the cert template or CA unreachable. |
56837 | Generic Failure from management server, such as DB access error. | Generic Failure from management server, such as DB access error. |
56840 | Unknown server error. | Unknown server error. |
56841 | Another enrollment operation is currently underway. | Another enrollment operation is currently underway. |
56842 | Device is already enrolled. | Device is already enrolled. |
56843 | Device is not enrolled. | Device is not enrolled. |
56845 | During discovery the sec cert date was invalid. | During discovery the sec cert date was invalid. |
56846 | A password is needed (And wasn't supplied) | A password is needed (And wasn't supplied) |
56847 | An error during WAB enrollment | An error during WAB enrollment |
56848 | A http (or lower) error, such as dns or timeout | A http (or lower) error, such as dns or timeout |
56850 | The SSL cert wasn't valid | The SSL cert wasn't valid |
56851 | User already enrolled too many devices. Delete or unenroll old ones to fix this error (user can fix it without admin) | User already enrolled too many devices. Delete or unenroll old ones to fix this error (user can fix it without admin) |
56852 | Specific platform (e.g. Windows) or version is not supported (no point retrying or calling admin. User could upgrade device) | Specific platform (e.g. Windows) or version is not supported (no point retrying or calling admin. User could upgrade device) |
56853 | Mobile device management generally not supported (would save an admin call) | Mobile device management generally not supported (would save an admin call) |
56854 | Device is trying to renew but server rejects the request. Client might show notification for this if Robo fails. Check time on device (user can fix it by re-enrolling) | Device is trying to renew but server rejects the request. Client might show notification for this if Robo fails. Check time on device (user can fix it by re-enrolling) |
56855 | Account is in maintenance, retry later (user can retry later but might call admin because doesn't know when problem is solved) | Account is in maintenance, retry later (user can retry later but might call admin because doesn't know when problem is solved) |
56856 | License of user is in bad state blocking enrollment (user still needs to call admin) | License of user is in bad state blocking enrollment (user still needs to call admin) |
56857 | The server rejected the Enrollment Data, the server may not be configured correctly | The server rejected the Enrollment Data, the server may not be configured correctly |
56858 | The server asked to use HTTP from HTTPS, but the user didn't ok it | The server asked to use HTTP from HTTPS, but the user didn't ok it |
56859 | indicates trying to do an invalid operation on an enrollment, such as enrolling twice, or unenroll one that doesn't exist | indicates trying to do an invalid operation on an enrollment, such as enrolling twice, or unenroll one that doesn't exist |
56860 | Enrollment type isn't allowed on this SKU | Enrollment type isn't allowed on this SKU |
56861 | unknown client side error | unknown client side error |
56862 | Provisioning failed in CertificateStore CSP | Provisioning failed in CertificateStore CSP |
56863 | Provisioning failed in W7/DMAcc CSP | Provisioning failed in W7/DMAcc CSP |
56864 | Provisioning failed in DMClient CSP | Provisioning failed in DMClient CSP |
56865 | Provisioning failed in Passport for Work CSP | Provisioning failed in Passport for Work CSP |
56866 | Provisioning failed in a CSP not listed above | Provisioning failed in a CSP not listed above |
56867 | Provisioning failed, but a specific CSP is not indicated | Provisioning failed, but a specific CSP is not indicated |
56868 | the public cert was not found: a) when attempting to bind the public cert/private key or b) when looking into provisioning payload (perhaps targeting the wrong store) | the public cert was not found: a) when attempting to bind the public cert/private key or b) when looking into provisioning payload (perhaps targeting the wrong store) |
56869 | Provisioning failed in EnterpriseAppManagement CSP | Provisioning failed in EnterpriseAppManagement CSP |
56870 | MDM Management was blocked, such as via GP or SetManagedExternally() | MDM Management was blocked, such as via GP or SetManagedExternally() |
56871 | Failed to create the private key as requested | Failed to create the private key as requested |
57877 | ?CCM_E_ITEMNOTFOUND? | ?CCM_E_ITEMNOTFOUND? |
57984 | CCM_E_EMPTY_CERT_STORE | CCM_E_EMPTY_CERT_STORE |
57985 | CCM_E_NO_CERT_MATCHING_CRITERIA | CCM_E_NO_CERT_MATCHING_CRITERIA |
57986 | More than one certificate found but 'select first cert' was not set | More than one certificate found but 'select first cert' was not set |
57987 | CCM_E_MISSING_PRIVATEKEY | CCM_E_MISSING_PRIVATEKEY |
57988 | CCM_E_MISSING_SUBJECT_NAME | CCM_E_MISSING_SUBJECT_NAME |
57989 | Valida search criteria verbs are 'Subject:', 'SubjectStr:' and 'SubjectAtr:' | Valida search criteria verbs are 'Subject:', 'SubjectStr:' and 'SubjectAtr:' |
57990 | CCM_E_INVALID_SMS_AUTHORITY | CCM_E_INVALID_SMS_AUTHORITY |
57991 | CCM_E_MISSING_SITE_SIGNING_CERT | CCM_E_MISSING_SITE_SIGNING_CERT |
57992 | Failures related to decompressing CIs/SDM packages | Failures related to decompressing CIs/SDM packages |
58000 | job contains no files, no action to perform | job contains no files, no action to perform |
58001 | Client doesn't have any assigned TS | Client doesn't have any assigned TS |
58002 | Client unable to compute Message Signature for InBand Auth | Client unable to compute Message Signature for InBand Auth |
58003 | Client unable to Refresh Site server signing certificate | Client unable to Refresh Site server signing certificate |
58004 | Client Unable to verify Policy | Client Unable to verify Policy |
58005 | Client Unable to find a valid Registration certificate | Client Unable to find a valid Registration certificate |
58006 | The client failed to process one or more CIs | The client failed to process one or more CIs |
58007 | CCM_E_INVALID_KEY | CCM_E_INVALID_KEY |
58008 | The client's database record could not be validated | The client's database record could not be validated |
58009 | The client does not recognize these type of signature (for delta download) | The client does not recognize these type of signature (for delta download) |
58010 | More client registration error | More client registration error |
58012 | The Client received a reset registration from Server | The Client received a reset registration from Server |
58013 | Client version is not compatible with the primary site version. | Client version is not compatible with the primary site version. |
58014 | CCM_E_HASH_MISMATCH | CCM_E_HASH_MISMATCH |
59648 | ?CCM_E_CERTENROLL_SCEP_CERTREQUEST_PENDING? | ?CCM_E_CERTENROLL_SCEP_CERTREQUEST_PENDING? |
59649 | ?CCM_E_CERTENROLL_SCEP_CERTREQUEST_UNEXPECTED? | ?CCM_E_CERTENROLL_SCEP_CERTREQUEST_UNEXPECTED? |
59650 | ?CCM_E_CERTENROLL_SCEP_CERTREQUEST_FAILURE? | ?CCM_E_CERTENROLL_SCEP_CERTREQUEST_FAILURE? |
59651 | ?CCM_E_CERTENROLL_SCEP_CERTREQUEST_BADALGORITHM? | ?CCM_E_CERTENROLL_SCEP_CERTREQUEST_BADALGORITHM? |
59652 | ?CCM_E_CERTENROLL_SCEP_CERTREQUEST_BADMESSAGE? | ?CCM_E_CERTENROLL_SCEP_CERTREQUEST_BADMESSAGE? |
59653 | ?CCM_E_CERTENROLL_SCEP_CERTREQUEST_BADTRANSACTION? | ?CCM_E_CERTENROLL_SCEP_CERTREQUEST_BADTRANSACTION? |
59654 | ?CCM_E_CERTENROLL_SCEP_CERTREQUEST_BADSIGNINGTIME? | ?CCM_E_CERTENROLL_SCEP_CERTREQUEST_BADSIGNINGTIME? |
59655 | ?CCM_E_CERTENROLL_SCEP_CERTREQUEST_BADCERTID? | ?CCM_E_CERTENROLL_SCEP_CERTREQUEST_BADCERTID? |
59656 | ?CCM_E_CERTENROLL_SCEP_SERVERCERT_EMPTY? | ?CCM_E_CERTENROLL_SCEP_SERVERCERT_EMPTY? |
59657 | ?CCM_E_CERTENROLL_SCEP_SERVERCAP_EMPTY? | ?CCM_E_CERTENROLL_SCEP_SERVERCAP_EMPTY? |
59664 | ?CCM_E_CERTENROLL_SCEP_PKIOPRESPONSE_EMPTY? | ?CCM_E_CERTENROLL_SCEP_PKIOPRESPONSE_EMPTY? |
59665 | ?CCM_E_CERTENROLL_SCEP_TPM_UNAVAILABLE? | ?CCM_E_CERTENROLL_SCEP_TPM_UNAVAILABLE? |
61440 | An attempt was made to perform an operation when initialization has not yet been completed. | An attempt was made to perform an operation when initialization has not yet been completed. |
61441 | The input XML is improperly formatted. | The input XML is improperly formatted. |
61442 | The object already exists. | The object already exists. |
61443 | A calculation resulted in an integer overflow. | A calculation resulted in an integer overflow. |
61444 | A calculation resulted in an integer underflow. | A calculation resulted in an integer underflow. |
61445 | An attempted rollback has failed. | An attempted rollback has failed. |
61446 | A failure happens when CSP runs outproc. | A failure happens when CSP runs outproc. |
61696 | The session has been aborted. | The session has been aborted. |
61698 | Authentication of the server failed. | Authentication of the server failed. |
61700 | The user has chosen to reject management actions. | The user has chosen to reject management actions. |
61701 | An action was performed on a node with an unexpected type. | An action was performed on a node with an unexpected type. |
61702 | The user has chosen to cancel management actions. | The user has chosen to cancel management actions. |
61703 | The management command has been bypassed. | The management command has been bypassed. |
61704 | A dialog has timed out while awaiting user acknowledgement. | A dialog has timed out while awaiting user acknowledgement. |
61705 | Text to be displayed is too large. | Text to be displayed is too large. |
61707 | The push message data has some parsing error. | The push message data has some parsing error. |
61709 | Previous keep alive message is still being processed and server send down new commands. | Previous keep alive message is still being processed and server send down new commands. |
61710 | Processing results that span multiple messages. | Processing results that span multiple messages. |
61711 | Cannot find NGC Key to install the certificate to. | Cannot find NGC Key to install the certificate to. |
61952 | The OMA-DM server replied with a Status code value indicating an error for the client's SyncHdr | The OMA-DM server replied with a Status code value indicating an error for the client's SyncHdr |
61953 | The session has been aborted because a 407 response was received. | The session has been aborted because a 407 response was received. |
61954 | The session has been aborted due to user cancellation. | The session has been aborted due to user cancellation. |
61956 | The session has been aborted because the device is in roaming state and DM is not allowed in this case. | The session has been aborted because the device is in roaming state and DM is not allowed in this case. |
61957 | The session has been aborted because the HMAC provided by server didn't match with the message body. | The session has been aborted because the HMAC provided by server didn't match with the message body. |
61958 | The session has been aborted because the account is being deleted. | The session has been aborted because the account is being deleted. |
61959 | The session has been aborted because no more retry allowed. | The session has been aborted because no more retry allowed. |
61960 | The session has been aborted because zero-byte data response was received. | The session has been aborted because zero-byte data response was received. |
61961 | No more sync session allowed. | No more sync session allowed. |
61962 | The SSLCertCriteria is not valid. | The SSLCertCriteria is not valid. |
62097 | The session has been aborted because a 401 response was received. | The session has been aborted because a 401 response was received. |
62099 | The session has been aborted because a 403 response was received. | The session has been aborted because a 403 response was received. |
62100 | The session has been aborted because a 404 response was received. | The session has been aborted because a 404 response was received. |
62109 | The session has been aborted because a 413 response was received. | The session has been aborted because a 413 response was received. |
62208 | The current object is not ready for use. | The current object is not ready for use. |
62209 | Stream is not ready for use. | Stream is not ready for use. |
62210 | Data . | Data . |
62211 | Compression corrupted. | Compression corrupted. |
62212 | Name is not a valid filename. | Name is not a valid filename. |
62213 | There is no file by the specified name. | There is no file by the specified name. |
62214 | Uninstall file not found. | Uninstall file not found. |
62215 | File is unexpectedly readonly. | File is unexpectedly readonly. |
62216 | Zip archive is invalid. | Zip archive is invalid. |
62217 | Unsupported compression method | Unsupported compression method |
62219 | Invalid stream. | Invalid stream. |
62220 | Format is not supported. | Format is not supported. |
62221 | Invalid zip item. | Invalid zip item. |
62223 | Cannot load zlib dll. | Cannot load zlib dll. |
62224 | Cannot find expected exported method. | Cannot find expected exported method. |
File Description: | CertUtil.exe |
File Version: | 10.0.15063.0 (WinBuild.160101.0800) |
Company Name: | Microsoft Corporation |
Internal Name: | CertUtil.exe |
Legal Copyright: | © Microsoft Corporation. All rights reserved. |
Original Filename: | CertUtil.exe.mui |
Product Name: | Microsoft® Windows® Operating System |
Product Version: | 10.0.15063.0 |
Translation: | 0x409, 1200 |