Glad to help!
Certutil import problem
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 8%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Anonymous
Hello!
I have a problem with certutil on some Windows 10 workstations in the domain.
I use this command: certutil -user -f -p password -importPFX My c:\setup\client.p12
Most of the workstations completes this command successfully, even if the logged in user is local user of the PC or DOMAIN user, even if standard user or has administrator privileges.
But there are some machines which can not complete the command if any of the domain users logged in.
The error is:
Certutil: -importPFX command FAILED: 0x80090016 (-2146893802 NTE__BAD__KEYSET)
Certutil: The keyset does not exist
If i use the certification import wizard, every user can import that client.p12 file to it's personal store on that machines too.
If a local user or the domain administrator account logged in to that PCs the certutil command completes successfully also on that machines.
I Googled this error for days, checked the permissions of folders but nothing different on that machines.
I would appreciate any suggestion. What should I check? What could cause this on that machines?
Thank You!
P.S.: I think this issue somehow releates to the KB5026361 update. If a domain user profile existed on the machine before the installation of the KB5026361 update, then the certutil import works without problem after all. But if a domain user logs in to a machine for the first time, after that the KB5026361 installed, the problem occurs, and the certutil import doesn't work.
Windows for home | Windows 10 | Security and privacy
Locked Question. This question was migrated from the Microsoft Support Community. You can vote on whether it's helpful, but you can't add comments or replies or follow the question.
3 answers
Sort by: Most helpful
-
Anonymous
2023-07-26T14:48:54+00:00 Hello Dave!
Thank you for the advice! I have posted this question on that forum in May, but unfortunately got no any answer.
Thank You!
-
DaveM121 883.8K Reputation points Independent Advisor2023-07-26T14:40:55+00:00 Hi Tamás,
I am Dave, I will help you with this.
I apologize, Community is just a consumer forum, due to the scope of your question can you please post this question to our sister forum on Microsoft Q&A (The System Administrators and IT Pro Forum)
Over there you will have access to a host of System Administrators and IT Pro experts and will get a knowledgeable and quick answer to this question.