Skip to content
This repository has been archived by the owner on Apr 29, 2021. It is now read-only.

Windows 10 error when running certutil command #102

Closed
djpackham opened this issue Apr 3, 2017 · 5 comments
Closed

Windows 10 error when running certutil command #102

djpackham opened this issue Apr 3, 2017 · 5 comments
Labels
bug Priority - Backlog (none)

Comments

@djpackham
Copy link
Contributor

Description of Issue:

While running the certutil -verify -urlfetch mypiv_auth.cer command to verify the revocation status of my PIV auth certificate, certutil is throwing the error:

Cannot find object or property. 0x80092004 (-2146885628 CRYPT_E_NOT_FOUND)

  • Using the same certificate and running the same certutil command on a Windows 7 workstation works fine.
  • PIV login is working for Windows 10, so don't think there is any big issue using Windows 10, but may need to update Playbook to specify Windows 10 may throw this error when running certutil command.

Details of Issue:

Receiving error:

Cannot find object or property. 0x80092004 (-2146885628 CRYPT_E_NOT_FOUND)

CertUtil: -verify command FAILED: 0x80092004 (-2146885628 CRYPT_E_NOT_FOUND)
CertUtil: Cannot find object or property.

References (Docs, Links, Files):

If a New Page or Content is Needed, Expected Outcomes:

Link to the Content Page for Contributors:
@mttcpr2
Copy link

mttcpr2 commented Apr 7, 2017

You have to enable CAPI2 diagnostic logging to see what is happening. Open the Event Viewer, Applications and Services Logs, Microsoft, Windows, CAPI2. Right click Operational and Enable Log. Stepping through the events and examining the details should reveal the problem.

@bob-fontana
Copy link

bob-fontana commented Nov 1, 2017
edited
Loading

Neither c:\windows\syswow64\nss\certutil.exe nor c:\windows\system32\nss\certutil.exe exist on my system. I'm running Windows 10 and Firefox R56. I am not sure whether previous versions of Firefox installed a certutil.exe into the nss folder. I'm a contractor and do not have a GSA or Fed Windows installation, so the system I'm using may not match what the Feds have.

@milesgratz
Copy link

I stumbled upon this GitHub issue (I'm not familiar with GSA/piv-guides or this repo) while Googling this same CertUtil: -verify command FAILED: 0x80092004 (-2146885628 CRYPT_E_NOT_FOUND) error message. In my case, I was getting this error because I had a duplicate Root CA certificate in the Trusted Root Certification Authorities in Certificates - Local Computer (CERTLM.msc). No error messages in the CAPI2 logs, very bizarre.

@maxwellfunk
Copy link
Contributor

verify that this command is working fine on a windows 10 machine with exported GSA PIV auth certificate. Note that exported format may impact errors seen.

@ryancdickson
Copy link
Contributor

The issue (bug) was corrected by Microsoft in 2019 - more information included in https://support.microsoft.com/en-us/topic/june-18-2019-kb4503294-os-build-14393-3053-abcd70b9-7271-b243-c41d-a00295976bde

@amcasey amcasey mentioned this issue Aug 20, 2024
Open
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
bug Priority - Backlog (none)
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
6 participants
@ryancdickson @djpackham @milesgratz @bob-fontana @mttcpr2 @maxwellfunk