RootCATrustedCertificates CSP

The RootCATrustedCertificates configuration service provider enables the enterprise to set the Root Certificate Authority (CA) certificates.

Note

./User configuration is not supported for RootCATrustedCertificates/Root.

The following list shows the RootCATrustedCertificates configuration service provider nodes:

Device/CA

Scope Editions Applicable OS
✅ Device
✅ User
✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC
✅ Windows 10, version 1511 [10.0.10586] and later
./Device/Vendor/MSFT/RootCATrustedCertificates/CA

Node for CA certificates.

Description framework properties:

Property name Property value
Format node
Access Type Get

Device/CA/{CertHash}

Scope Editions Applicable OS
✅ Device
✅ User
✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC
✅ Windows 10, version 1511 [10.0.10586] and later
./Device/Vendor/MSFT/RootCATrustedCertificates/CA/{CertHash}

Defines the SHA1 hash for the certificate. The 20-byte value of the SHA1 certificate hash is specified as a hexadecimal string value.

Description framework properties:

Property name Property value
Format node
Access Type Delete, Get
Dynamic Node Naming UniqueName: Defines the SHA1 hash for the certificate. The 20-byte value of the SHA1 certificate hash is specified as a hexadecimal string value.

Device/CA/{CertHash}/EncodedCertificate

Scope Editions Applicable OS
✅ Device
✅ User
✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC
✅ Windows 10, version 1511 [10.0.10586] and later
./Device/Vendor/MSFT/RootCATrustedCertificates/CA/{CertHash}/EncodedCertificate

Specifies the X.509 certificate as a Base64-encoded string. The Base-64 string value can't include extra formatting characters such as embedded linefeeds, etc.

Description framework properties:

Property name Property value
Format b64
Access Type Add, Get, Replace

Device/CA/{CertHash}/IssuedBy

Scope Editions Applicable OS
✅ Device
✅ User
✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC
✅ Windows 10, version 1511 [10.0.10586] and later
./Device/Vendor/MSFT/RootCATrustedCertificates/CA/{CertHash}/IssuedBy

Returns the name of the certificate issuer. This is equivalent to the Issuer member in the CERT_INFO data structure.

Description framework properties:

Property name Property value
Format chr (string)
Access Type Get

Device/CA/{CertHash}/IssuedTo

Scope Editions Applicable OS
✅ Device
✅ User
✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC
✅ Windows 10, version 1511 [10.0.10586] and later
./Device/Vendor/MSFT/RootCATrustedCertificates/CA/{CertHash}/IssuedTo

Returns the name of the certificate subject. This is equivalent to the Subject member in the CERT_INFO data structure.

Description framework properties:

Property name Property value
Format chr (string)
Access Type Get

Device/CA/{CertHash}/TemplateName

Scope Editions Applicable OS
✅ Device
✅ User
✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC
✅ Windows 10, version 1511 [10.0.10586] and later
./Device/Vendor/MSFT/RootCATrustedCertificates/CA/{CertHash}/TemplateName

Returns the certificate template name. Supported operation is Get.

Description framework properties:

Property name Property value
Format chr (string)
Access Type Get

Device/CA/{CertHash}/ValidFrom

Scope Editions Applicable OS
✅ Device
✅ User
✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC
✅ Windows 10, version 1511 [10.0.10586] and later
./Device/Vendor/MSFT/RootCATrustedCertificates/CA/{CertHash}/ValidFrom

Returns the starting date of the certificate's validity. Supported operation is Get. This is equivalent to the NotBefore member in the CERT_INFO structure.

Description framework properties:

Property name Property value
Format chr (string)
Access Type Get

Device/CA/{CertHash}/ValidTo

Scope Editions Applicable OS
✅ Device
✅ User
✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC
✅ Windows 10, version 1511 [10.0.10586] and later
./Device/Vendor/MSFT/RootCATrustedCertificates/CA/{CertHash}/ValidTo

Returns the expiration date of the certificate. Supported operation is Get. This is equivalent to the NotAfter member in the CERT_INFO structure.

Description framework properties:

Property name Property value
Format chr (string)
Access Type Get

Device/OemEsim

Scope Editions Applicable OS
✅ Device
✅ User
✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC
✅ Windows 11, version 21H2 [10.0.22000] and later
./Device/Vendor/MSFT/RootCATrustedCertificates/OemEsim

Node for OEM eSIM certificates.

Description framework properties:

Property name Property value
Format node
Access Type Get

Device/OemEsim/{CertHash}

Scope Editions Applicable OS
✅ Device
✅ User
✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC
✅ Windows 11, version 21H2 [10.0.22000] and later
./Device/Vendor/MSFT/RootCATrustedCertificates/OemEsim/{CertHash}

Defines the SHA1 hash for the certificate. The 20-byte value of the SHA1 certificate hash is specified as a hexadecimal string value.

Description framework properties:

Property name Property value
Format node
Access Type Delete, Get
Dynamic Node Naming UniqueName: Defines the SHA1 hash for the certificate. The 20-byte value of the SHA1 certificate hash is specified as a hexadecimal string value.

Device/OemEsim/{CertHash}/EncodedCertificate

Scope Editions Applicable OS
✅ Device
✅ User
✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC
✅ Windows 11, version 21H2 [10.0.22000] and later
./Device/Vendor/MSFT/RootCATrustedCertificates/OemEsim/{CertHash}/EncodedCertificate

Specifies the X.509 certificate as a Base64-encoded string. The Base-64 string value can't include extra formatting characters such as embedded linefeeds, etc.

Description framework properties:

Property name Property value
Format b64
Access Type Add, Get, Replace

Device/OemEsim/{CertHash}/IssuedBy

Scope Editions Applicable OS
✅ Device
✅ User
✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC
✅ Windows 11, version 21H2 [10.0.22000] and later
./Device/Vendor/MSFT/RootCATrustedCertificates/OemEsim/{CertHash}/IssuedBy

Returns the name of the certificate issuer. This is equivalent to the Issuer member in the CERT_INFO data structure.

Description framework properties:

Property name Property value
Format chr (string)
Access Type Get

Device/OemEsim/{CertHash}/IssuedTo

Scope Editions Applicable OS
✅ Device
✅ User
✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC
✅ Windows 11, version 21H2 [10.0.22000] and later
./Device/Vendor/MSFT/RootCATrustedCertificates/OemEsim/{CertHash}/IssuedTo

Returns the name of the certificate subject. This is equivalent to the Subject member in the CERT_INFO data structure.

Description framework properties:

Property name Property value
Format chr (string)
Access Type Get

Device/OemEsim/{CertHash}/TemplateName

Scope Editions Applicable OS
✅ Device
✅ User
✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC
✅ Windows 11, version 21H2 [10.0.22000] and later
./Device/Vendor/MSFT/RootCATrustedCertificates/OemEsim/{CertHash}/TemplateName

Returns the certificate template name. Supported operation is Get.

Description framework properties:

Property name Property value
Format chr (string)
Access Type Get

Device/OemEsim/{CertHash}/ValidFrom

Scope Editions Applicable OS
✅ Device
✅ User
✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC
✅ Windows 11, version 21H2 [10.0.22000] and later
./Device/Vendor/MSFT/RootCATrustedCertificates/OemEsim/{CertHash}/ValidFrom

Returns the starting date of the certificate's validity. Supported operation is Get. This is equivalent to the NotBefore member in the CERT_INFO structure.

Description framework properties:

Property name Property value
Format chr (string)
Access Type Get

Device/OemEsim/{CertHash}/ValidTo

Scope Editions Applicable OS
✅ Device
✅ User
✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC
✅ Windows 11, version 21H2 [10.0.22000] and later
./Device/Vendor/MSFT/RootCATrustedCertificates/OemEsim/{CertHash}/ValidTo

Returns the expiration date of the certificate. Supported operation is Get. This is equivalent to the NotAfter member in the CERT_INFO structure.

Description framework properties:

Property name Property value
Format chr (string)
Access Type Get

Device/Root

Scope Editions Applicable OS
✅ Device
❌ User
✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC
✅ Windows 10, version 1511 [10.0.10586] and later
./Device/Vendor/MSFT/RootCATrustedCertificates/Root

Defines the certificate store that contains root, or self-signed certificates, in this case, the computer store.

Description framework properties:

Property name Property value
Format node
Access Type Get

Device/Root/{CertHash}

Scope Editions Applicable OS
✅ Device
❌ User
✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC
✅ Windows 10, version 1511 [10.0.10586] and later
./Device/Vendor/MSFT/RootCATrustedCertificates/Root/{CertHash}

Defines the SHA1 hash for the certificate. The 20-byte value of the SHA1 certificate hash is specified as a hexadecimal string value.

Description framework properties:

Property name Property value
Format node
Access Type Delete, Get

Device/Root/{CertHash}/EncodedCertificate

Scope Editions Applicable OS
✅ Device
❌ User
✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC
✅ Windows 10, version 1511 [10.0.10586] and later
./Device/Vendor/MSFT/RootCATrustedCertificates/Root/{CertHash}/EncodedCertificate

Specifies the X.509 certificate as a Base64-encoded string. The Base-64 string value can't include extra formatting characters such as embedded linefeeds, etc.

Description framework properties:

Property name Property value
Format b64
Access Type Add, Get, Replace
Dynamic Node Naming UniqueName: Defines the SHA1 hash for the certificate. The 20-byte value of the SHA1 certificate hash is specified as a hexadecimal string value.

Device/Root/{CertHash}/IssuedBy

Scope Editions Applicable OS
✅ Device
❌ User
✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC
✅ Windows 10, version 1511 [10.0.10586] and later
./Device/Vendor/MSFT/RootCATrustedCertificates/Root/{CertHash}/IssuedBy

Returns the name of the certificate issuer. This is equivalent to the Issuer member in the CERT_INFO data structure.

Description framework properties:

Property name Property value
Format chr (string)
Access Type Get

Device/Root/{CertHash}/IssuedTo

Scope Editions Applicable OS
✅ Device
❌ User
✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC
✅ Windows 10, version 1511 [10.0.10586] and later
./Device/Vendor/MSFT/RootCATrustedCertificates/Root/{CertHash}/IssuedTo

Returns the name of the certificate subject. This is equivalent to the Subject member in the CERT_INFO data structure.

Description framework properties:

Property name Property value
Format chr (string)
Access Type Get

Device/Root/{CertHash}/TemplateName

Scope Editions Applicable OS
✅ Device
❌ User
✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC
✅ Windows 10, version 1511 [10.0.10586] and later
./Device/Vendor/MSFT/RootCATrustedCertificates/Root/{CertHash}/TemplateName

Returns the certificate template name. Supported operation is Get.

Description framework properties:

Property name Property value
Format chr (string)
Access Type Get

Device/Root/{CertHash}/ValidFrom

Scope Editions Applicable OS
✅ Device
❌ User
✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC
✅ Windows 10, version 1511 [10.0.10586] and later
./Device/Vendor/MSFT/RootCATrustedCertificates/Root/{CertHash}/ValidFrom

Returns the starting date of the certificate's validity. Supported operation is Get. This is equivalent to the NotBefore member in the CERT_INFO structure.

Description framework properties:

Property name Property value
Format chr (string)
Access Type Get

Device/Root/{CertHash}/ValidTo

Scope Editions Applicable OS
✅ Device
❌ User
✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC
✅ Windows 10, version 1511 [10.0.10586] and later
./Device/Vendor/MSFT/RootCATrustedCertificates/Root/{CertHash}/ValidTo

Returns the expiration date of the certificate. Supported operation is Get. This is equivalent to the NotAfter member in the CERT_INFO structure.

Description framework properties:

Property name Property value
Format chr (string)
Access Type Get

Device/TrustedPeople

Scope Editions Applicable OS
✅ Device
✅ User
✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC
✅ Windows 10, version 1511 [10.0.10586] and later
./Device/Vendor/MSFT/RootCATrustedCertificates/TrustedPeople

Node for trusted people certificates.

Description framework properties:

Property name Property value
Format node
Access Type Get

Device/TrustedPeople/{CertHash}

Scope Editions Applicable OS
✅ Device
✅ User
✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC
✅ Windows 10, version 1511 [10.0.10586] and later
./Device/Vendor/MSFT/RootCATrustedCertificates/TrustedPeople/{CertHash}

Defines the SHA1 hash for the certificate. The 20-byte value of the SHA1 certificate hash is specified as a hexadecimal string value.

Description framework properties:

Property name Property value
Format node
Access Type Delete, Get
Dynamic Node Naming UniqueName: Defines the SHA1 hash for the certificate. The 20-byte value of the SHA1 certificate hash is specified as a hexadecimal string value.

Device/TrustedPeople/{CertHash}/EncodedCertificate

Scope Editions Applicable OS
✅ Device
✅ User
✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC
✅ Windows 10, version 1511 [10.0.10586] and later
./Device/Vendor/MSFT/RootCATrustedCertificates/TrustedPeople/{CertHash}/EncodedCertificate

Specifies the X.509 certificate as a Base64-encoded string. The Base-64 string value can't include extra formatting characters such as embedded linefeeds, etc.

Description framework properties:

Property name Property value
Format b64
Access Type Add, Get, Replace

Device/TrustedPeople/{CertHash}/IssuedBy

Scope Editions Applicable OS
✅ Device
✅ User
✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC
✅ Windows 10, version 1511 [10.0.10586] and later
./Device/Vendor/MSFT/RootCATrustedCertificates/TrustedPeople/{CertHash}/IssuedBy

Returns the name of the certificate issuer. This is equivalent to the Issuer member in the CERT_INFO data structure.

Description framework properties:

Property name Property value
Format chr (string)
Access Type Get

Device/TrustedPeople/{CertHash}/IssuedTo

Scope Editions Applicable OS
✅ Device
✅ User
✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC
✅ Windows 10, version 1511 [10.0.10586] and later
./Device/Vendor/MSFT/RootCATrustedCertificates/TrustedPeople/{CertHash}/IssuedTo

Returns the name of the certificate subject. This is equivalent to the Subject member in the CERT_INFO data structure.

Description framework properties:

Property name Property value
Format chr (string)
Access Type Get

Device/TrustedPeople/{CertHash}/TemplateName

Scope Editions Applicable OS
✅ Device
✅ User
✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC
✅ Windows 10, version 1511 [10.0.10586] and later
./Device/Vendor/MSFT/RootCATrustedCertificates/TrustedPeople/{CertHash}/TemplateName

Returns the certificate template name. Supported operation is Get.

Description framework properties:

Property name Property value
Format chr (string)
Access Type Get

Device/TrustedPeople/{CertHash}/ValidFrom

Scope Editions Applicable OS
✅ Device
✅ User
✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC
✅ Windows 10, version 1511 [10.0.10586] and later
./Device/Vendor/MSFT/RootCATrustedCertificates/TrustedPeople/{CertHash}/ValidFrom

Returns the starting date of the certificate's validity. Supported operation is Get. This is equivalent to the NotBefore member in the CERT_INFO structure.

Description framework properties:

Property name Property value
Format chr (string)
Access Type Get

Device/TrustedPeople/{CertHash}/ValidTo

Scope Editions Applicable OS
✅ Device
✅ User
✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC
✅ Windows 10, version 1511 [10.0.10586] and later
./Device/Vendor/MSFT/RootCATrustedCertificates/TrustedPeople/{CertHash}/ValidTo

Returns the expiration date of the certificate. Supported operation is Get. This is equivalent to the NotAfter member in the CERT_INFO structure.

Description framework properties:

Property name Property value
Format chr (string)
Access Type Get

Device/TrustedPublisher

Scope Editions Applicable OS
✅ Device
✅ User
✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC
✅ Windows 10, version 1511 [10.0.10586] and later
./Device/Vendor/MSFT/RootCATrustedCertificates/TrustedPublisher

Node for trusted publisher certificates.

Description framework properties:

Property name Property value
Format node
Access Type Get

Device/TrustedPublisher/{CertHash}

Scope Editions Applicable OS
✅ Device
✅ User
✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC
✅ Windows 10, version 1511 [10.0.10586] and later
./Device/Vendor/MSFT/RootCATrustedCertificates/TrustedPublisher/{CertHash}

Defines the SHA1 hash for the certificate. The 20-byte value of the SHA1 certificate hash is specified as a hexadecimal string value.

Description framework properties:

Property name Property value
Format node
Access Type Delete, Get
Dynamic Node Naming UniqueName: Defines the SHA1 hash for the certificate. The 20-byte value of the SHA1 certificate hash is specified as a hexadecimal string value.

Device/TrustedPublisher/{CertHash}/EncodedCertificate

Scope Editions Applicable OS
✅ Device
✅ User
✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC
✅ Windows 10, version 1511 [10.0.10586] and later
./Device/Vendor/MSFT/RootCATrustedCertificates/TrustedPublisher/{CertHash}/EncodedCertificate

Specifies the X.509 certificate as a Base64-encoded string. The Base-64 string value can't include extra formatting characters such as embedded linefeeds, etc.

Description framework properties:

Property name Property value
Format b64
Access Type Add, Get, Replace

Device/TrustedPublisher/{CertHash}/IssuedBy

Scope Editions Applicable OS
✅ Device
✅ User
✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC
✅ Windows 10, version 1511 [10.0.10586] and later
./Device/Vendor/MSFT/RootCATrustedCertificates/TrustedPublisher/{CertHash}/IssuedBy

Returns the name of the certificate issuer. This is equivalent to the Issuer member in the CERT_INFO data structure.

Description framework properties:

Property name Property value
Format chr (string)
Access Type Get

Device/TrustedPublisher/{CertHash}/IssuedTo

Scope Editions Applicable OS
✅ Device
✅ User
✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC
✅ Windows 10, version 1511 [10.0.10586] and later
./Device/Vendor/MSFT/RootCATrustedCertificates/TrustedPublisher/{CertHash}/IssuedTo

Returns the name of the certificate subject. This is equivalent to the Subject member in the CERT_INFO data structure.

Description framework properties:

Property name Property value
Format chr (string)
Access Type Get

Device/TrustedPublisher/{CertHash}/TemplateName

Scope Editions Applicable OS
✅ Device
✅ User
✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC
✅ Windows 10, version 1511 [10.0.10586] and later
./Device/Vendor/MSFT/RootCATrustedCertificates/TrustedPublisher/{CertHash}/TemplateName

Returns the certificate template name. Supported operation is Get.

Description framework properties:

Property name Property value
Format chr (string)
Access Type Get

Device/TrustedPublisher/{CertHash}/ValidFrom

Scope Editions Applicable OS
✅ Device
✅ User
✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC
✅ Windows 10, version 1511 [10.0.10586] and later
./Device/Vendor/MSFT/RootCATrustedCertificates/TrustedPublisher/{CertHash}/ValidFrom

Returns the starting date of the certificate's validity. Supported operation is Get. This is equivalent to the NotBefore member in the CERT_INFO structure.

Description framework properties:

Property name Property value
Format chr (string)
Access Type Get

Device/TrustedPublisher/{CertHash}/ValidTo

Scope Editions Applicable OS
✅ Device
✅ User
✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC
✅ Windows 10, version 1511 [10.0.10586] and later
./Device/Vendor/MSFT/RootCATrustedCertificates/TrustedPublisher/{CertHash}/ValidTo

Returns the expiration date of the certificate. Supported operation is Get. This is equivalent to the NotAfter member in the CERT_INFO structure.

Description framework properties:

Property name Property value
Format chr (string)
Access Type Get

Device/UntrustedCertificates

Scope Editions Applicable OS
✅ Device
✅ User
✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC
✅ Windows 10, version 1803 [10.0.17134] and later
./Device/Vendor/MSFT/RootCATrustedCertificates/UntrustedCertificates

Node for certificates that aren't trusted. IT admin can use this node to immediately flag certificates that have been compromised and no longer usable.

Description framework properties:

Property name Property value
Format node
Access Type Get

Device/UntrustedCertificates/{CertHash}

Scope Editions Applicable OS
✅ Device
✅ User
✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC
✅ Windows 10, version 1803 [10.0.17134] and later
./Device/Vendor/MSFT/RootCATrustedCertificates/UntrustedCertificates/{CertHash}

Defines the SHA1 hash for the certificate. The 20-byte value of the SHA1 certificate hash is specified as a hexadecimal string value.

Description framework properties:

Property name Property value
Format node
Access Type Delete, Get
Dynamic Node Naming UniqueName: Defines the SHA1 hash for the certificate. The 20-byte value of the SHA1 certificate hash is specified as a hexadecimal string value.

Device/UntrustedCertificates/{CertHash}/EncodedCertificate

Scope Editions Applicable OS
✅ Device
✅ User
✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC
✅ Windows 10, version 1803 [10.0.17134] and later
./Device/Vendor/MSFT/RootCATrustedCertificates/UntrustedCertificates/{CertHash}/EncodedCertificate

Specifies the X.509 certificate as a Base64-encoded string. The Base-64 string value can't include extra formatting characters such as embedded linefeeds, etc.

Description framework properties:

Property name Property value
Format b64
Access Type Add, Get, Replace

Device/UntrustedCertificates/{CertHash}/IssuedBy

Scope Editions Applicable OS
✅ Device
✅ User
✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC
✅ Windows 10, version 1803 [10.0.17134] and later
./Device/Vendor/MSFT/RootCATrustedCertificates/UntrustedCertificates/{CertHash}/IssuedBy

Returns the name of the certificate issuer. This is equivalent to the Issuer member in the CERT_INFO data structure.

Description framework properties:

Property name Property value
Format chr (string)
Access Type Get

Device/UntrustedCertificates/{CertHash}/IssuedTo

Scope Editions Applicable OS
✅ Device
✅ User
✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC
✅ Windows 10, version 1803 [10.0.17134] and later
./Device/Vendor/MSFT/RootCATrustedCertificates/UntrustedCertificates/{CertHash}/IssuedTo

Returns the name of the certificate subject. This is equivalent to the Subject member in the CERT_INFO data structure.

Description framework properties:

Property name Property value
Format chr (string)
Access Type Get

Device/UntrustedCertificates/{CertHash}/TemplateName

Scope Editions Applicable OS
✅ Device
✅ User
✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC
✅ Windows 10, version 1803 [10.0.17134] and later
./Device/Vendor/MSFT/RootCATrustedCertificates/UntrustedCertificates/{CertHash}/TemplateName

Returns the certificate template name. Supported operation is Get.

Description framework properties:

Property name Property value
Format chr (string)
Access Type Get

Device/UntrustedCertificates/{CertHash}/ValidFrom

Scope Editions Applicable OS
✅ Device
✅ User
✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC
✅ Windows 10, version 1803 [10.0.17134] and later
./Device/Vendor/MSFT/RootCATrustedCertificates/UntrustedCertificates/{CertHash}/ValidFrom

Returns the starting date of the certificate's validity. Supported operation is Get. This is equivalent to the NotBefore member in the CERT_INFO structure.

Description framework properties:

Property name Property value
Format chr (string)
Access Type Get

Device/UntrustedCertificates/{CertHash}/ValidTo

Scope Editions Applicable OS
✅ Device
✅ User
✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC
✅ Windows 10, version 1803 [10.0.17134] and later
./Device/Vendor/MSFT/RootCATrustedCertificates/UntrustedCertificates/{CertHash}/ValidTo

Returns the expiration date of the certificate. Supported operation is Get. This is equivalent to the NotAfter member in the CERT_INFO structure.

Description framework properties:

Property name Property value
Format chr (string)
Access Type Get

User/CA

Scope Editions Applicable OS
✅ Device
✅ User
✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC
✅ Windows 10, version 1511 [10.0.10586] and later
./User/Vendor/MSFT/RootCATrustedCertificates/CA

Node for CA certificates.

Description framework properties:

Property name Property value
Format node
Access Type Get

User/CA/{CertHash}

Scope Editions Applicable OS
✅ Device
✅ User
✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC
✅ Windows 10, version 1511 [10.0.10586] and later
./User/Vendor/MSFT/RootCATrustedCertificates/CA/{CertHash}

Defines the SHA1 hash for the certificate. The 20-byte value of the SHA1 certificate hash is specified as a hexadecimal string value.

Description framework properties:

Property name Property value
Format node
Access Type Delete, Get
Dynamic Node Naming UniqueName: Defines the SHA1 hash for the certificate. The 20-byte value of the SHA1 certificate hash is specified as a hexadecimal string value.

User/CA/{CertHash}/EncodedCertificate

Scope Editions Applicable OS
✅ Device
✅ User
✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC
✅ Windows 10, version 1511 [10.0.10586] and later
./User/Vendor/MSFT/RootCATrustedCertificates/CA/{CertHash}/EncodedCertificate

Specifies the X.509 certificate as a Base64-encoded string. The Base-64 string value can't include extra formatting characters such as embedded linefeeds, etc.

Description framework properties:

Property name Property value
Format b64
Access Type Add, Get, Replace

User/CA/{CertHash}/IssuedBy

Scope Editions Applicable OS
✅ Device
✅ User
✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC
✅ Windows 10, version 1511 [10.0.10586] and later
./User/Vendor/MSFT/RootCATrustedCertificates/CA/{CertHash}/IssuedBy

Returns the name of the certificate issuer. This is equivalent to the Issuer member in the CERT_INFO data structure.

Description framework properties:

Property name Property value
Format chr (string)
Access Type Get

User/CA/{CertHash}/IssuedTo

Scope Editions Applicable OS
✅ Device
✅ User
✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC
✅ Windows 10, version 1511 [10.0.10586] and later
./User/Vendor/MSFT/RootCATrustedCertificates/CA/{CertHash}/IssuedTo

Returns the name of the certificate subject. This is equivalent to the Subject member in the CERT_INFO data structure.

Description framework properties:

Property name Property value
Format chr (string)
Access Type Get

User/CA/{CertHash}/TemplateName

Scope Editions Applicable OS
✅ Device
✅ User
✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC
✅ Windows 10, version 1511 [10.0.10586] and later
./User/Vendor/MSFT/RootCATrustedCertificates/CA/{CertHash}/TemplateName

Returns the certificate template name. Supported operation is Get.

Description framework properties:

Property name Property value
Format chr (string)
Access Type Get

User/CA/{CertHash}/ValidFrom

Scope Editions Applicable OS
✅ Device
✅ User
✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC
✅ Windows 10, version 1511 [10.0.10586] and later
./User/Vendor/MSFT/RootCATrustedCertificates/CA/{CertHash}/ValidFrom

Returns the starting date of the certificate's validity. Supported operation is Get. This is equivalent to the NotBefore member in the CERT_INFO structure.

Description framework properties:

Property name Property value
Format chr (string)
Access Type Get

User/CA/{CertHash}/ValidTo

Scope Editions Applicable OS
✅ Device
✅ User
✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC
✅ Windows 10, version 1511 [10.0.10586] and later
./User/Vendor/MSFT/RootCATrustedCertificates/CA/{CertHash}/ValidTo

Returns the expiration date of the certificate. Supported operation is Get. This is equivalent to the NotAfter member in the CERT_INFO structure.

Description framework properties:

Property name Property value
Format chr (string)
Access Type Get

User/OemEsim

Scope Editions Applicable OS
✅ Device
✅ User
✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC
✅ Windows 11, version 21H2 [10.0.22000] and later
./User/Vendor/MSFT/RootCATrustedCertificates/OemEsim

Node for OEM eSIM certificates.

Description framework properties:

Property name Property value
Format node
Access Type Get

User/OemEsim/{CertHash}

Scope Editions Applicable OS
✅ Device
✅ User
✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC
✅ Windows 11, version 21H2 [10.0.22000] and later
./User/Vendor/MSFT/RootCATrustedCertificates/OemEsim/{CertHash}

Defines the SHA1 hash for the certificate. The 20-byte value of the SHA1 certificate hash is specified as a hexadecimal string value.

Description framework properties:

Property name Property value
Format node
Access Type Delete, Get
Dynamic Node Naming UniqueName: Defines the SHA1 hash for the certificate. The 20-byte value of the SHA1 certificate hash is specified as a hexadecimal string value.

User/OemEsim/{CertHash}/EncodedCertificate

Scope Editions Applicable OS
✅ Device
✅ User
✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC
✅ Windows 11, version 21H2 [10.0.22000] and later
./User/Vendor/MSFT/RootCATrustedCertificates/OemEsim/{CertHash}/EncodedCertificate

Specifies the X.509 certificate as a Base64-encoded string. The Base-64 string value can't include extra formatting characters such as embedded linefeeds, etc.

Description framework properties:

Property name Property value
Format b64
Access Type Add, Get, Replace

User/OemEsim/{CertHash}/IssuedBy

Scope Editions Applicable OS
✅ Device
✅ User
✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC
✅ Windows 11, version 21H2 [10.0.22000] and later
./User/Vendor/MSFT/RootCATrustedCertificates/OemEsim/{CertHash}/IssuedBy

Returns the name of the certificate issuer. This is equivalent to the Issuer member in the CERT_INFO data structure.

Description framework properties:

Property name Property value
Format chr (string)
Access Type Get

User/OemEsim/{CertHash}/IssuedTo

Scope Editions Applicable OS
✅ Device
✅ User
✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC
✅ Windows 11, version 21H2 [10.0.22000] and later
./User/Vendor/MSFT/RootCATrustedCertificates/OemEsim/{CertHash}/IssuedTo

Returns the name of the certificate subject. This is equivalent to the Subject member in the CERT_INFO data structure.

Description framework properties:

Property name Property value
Format chr (string)
Access Type Get

User/OemEsim/{CertHash}/TemplateName

Scope Editions Applicable OS
✅ Device
✅ User
✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC
✅ Windows 11, version 21H2 [10.0.22000] and later
./User/Vendor/MSFT/RootCATrustedCertificates/OemEsim/{CertHash}/TemplateName

Returns the certificate template name. Supported operation is Get.

Description framework properties:

Property name Property value
Format chr (string)
Access Type Get

User/OemEsim/{CertHash}/ValidFrom

Scope Editions Applicable OS
✅ Device
✅ User
✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC
✅ Windows 11, version 21H2 [10.0.22000] and later
./User/Vendor/MSFT/RootCATrustedCertificates/OemEsim/{CertHash}/ValidFrom

Returns the starting date of the certificate's validity. Supported operation is Get. This is equivalent to the NotBefore member in the CERT_INFO structure.

Description framework properties:

Property name Property value
Format chr (string)
Access Type Get

User/OemEsim/{CertHash}/ValidTo

Scope Editions Applicable OS
✅ Device
✅ User
✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC
✅ Windows 11, version 21H2 [10.0.22000] and later
./User/Vendor/MSFT/RootCATrustedCertificates/OemEsim/{CertHash}/ValidTo

Returns the expiration date of the certificate. Supported operation is Get. This is equivalent to the NotAfter member in the CERT_INFO structure.

Description framework properties:

Property name Property value
Format chr (string)
Access Type Get

User/TrustedPeople

Scope Editions Applicable OS
✅ Device
✅ User
✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC
✅ Windows 10, version 1511 [10.0.10586] and later
./User/Vendor/MSFT/RootCATrustedCertificates/TrustedPeople

Node for trusted people certificates.

Description framework properties:

Property name Property value
Format node
Access Type Get

User/TrustedPeople/{CertHash}

Scope Editions Applicable OS
✅ Device
✅ User
✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC
✅ Windows 10, version 1511 [10.0.10586] and later
./User/Vendor/MSFT/RootCATrustedCertificates/TrustedPeople/{CertHash}

Defines the SHA1 hash for the certificate. The 20-byte value of the SHA1 certificate hash is specified as a hexadecimal string value.

Description framework properties:

Property name Property value
Format node
Access Type Delete, Get
Dynamic Node Naming UniqueName: Defines the SHA1 hash for the certificate. The 20-byte value of the SHA1 certificate hash is specified as a hexadecimal string value.

User/TrustedPeople/{CertHash}/EncodedCertificate

Scope Editions Applicable OS
✅ Device
✅ User
✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC
✅ Windows 10, version 1511 [10.0.10586] and later
./User/Vendor/MSFT/RootCATrustedCertificates/TrustedPeople/{CertHash}/EncodedCertificate

Specifies the X.509 certificate as a Base64-encoded string. The Base-64 string value can't include extra formatting characters such as embedded linefeeds, etc.

Description framework properties:

Property name Property value
Format b64
Access Type Add, Get, Replace

User/TrustedPeople/{CertHash}/IssuedBy

Scope Editions Applicable OS
✅ Device
✅ User
✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC
✅ Windows 10, version 1511 [10.0.10586] and later
./User/Vendor/MSFT/RootCATrustedCertificates/TrustedPeople/{CertHash}/IssuedBy

Returns the name of the certificate issuer. This is equivalent to the Issuer member in the CERT_INFO data structure.

Description framework properties:

Property name Property value
Format chr (string)
Access Type Get

User/TrustedPeople/{CertHash}/IssuedTo

Scope Editions Applicable OS
✅ Device
✅ User
✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC
✅ Windows 10, version 1511 [10.0.10586] and later
./User/Vendor/MSFT/RootCATrustedCertificates/TrustedPeople/{CertHash}/IssuedTo

Returns the name of the certificate subject. This is equivalent to the Subject member in the CERT_INFO data structure.

Description framework properties:

Property name Property value
Format chr (string)
Access Type Get

User/TrustedPeople/{CertHash}/TemplateName

Scope Editions Applicable OS
✅ Device
✅ User
✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC
✅ Windows 10, version 1511 [10.0.10586] and later
./User/Vendor/MSFT/RootCATrustedCertificates/TrustedPeople/{CertHash}/TemplateName

Returns the certificate template name. Supported operation is Get.

Description framework properties:

Property name Property value
Format chr (string)
Access Type Get

User/TrustedPeople/{CertHash}/ValidFrom

Scope Editions Applicable OS
✅ Device
✅ User
✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC
✅ Windows 10, version 1511 [10.0.10586] and later
./User/Vendor/MSFT/RootCATrustedCertificates/TrustedPeople/{CertHash}/ValidFrom

Returns the starting date of the certificate's validity. Supported operation is Get. This is equivalent to the NotBefore member in the CERT_INFO structure.

Description framework properties:

Property name Property value
Format chr (string)
Access Type Get

User/TrustedPeople/{CertHash}/ValidTo

Scope Editions Applicable OS
✅ Device
✅ User
✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC
✅ Windows 10, version 1511 [10.0.10586] and later
./User/Vendor/MSFT/RootCATrustedCertificates/TrustedPeople/{CertHash}/ValidTo

Returns the expiration date of the certificate. Supported operation is Get. This is equivalent to the NotAfter member in the CERT_INFO structure.

Description framework properties:

Property name Property value
Format chr (string)
Access Type Get

User/TrustedPublisher

Scope Editions Applicable OS
✅ Device
✅ User
✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC
✅ Windows 10, version 1511 [10.0.10586] and later
./User/Vendor/MSFT/RootCATrustedCertificates/TrustedPublisher

Node for trusted publisher certificates.

Description framework properties:

Property name Property value
Format node
Access Type Get

User/TrustedPublisher/{CertHash}

Scope Editions Applicable OS
✅ Device
✅ User
✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC
✅ Windows 10, version 1511 [10.0.10586] and later
./User/Vendor/MSFT/RootCATrustedCertificates/TrustedPublisher/{CertHash}

Defines the SHA1 hash for the certificate. The 20-byte value of the SHA1 certificate hash is specified as a hexadecimal string value.

Description framework properties:

Property name Property value
Format node
Access Type Delete, Get
Dynamic Node Naming UniqueName: Defines the SHA1 hash for the certificate. The 20-byte value of the SHA1 certificate hash is specified as a hexadecimal string value.

User/TrustedPublisher/{CertHash}/EncodedCertificate

Scope Editions Applicable OS
✅ Device
✅ User
✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC
✅ Windows 10, version 1511 [10.0.10586] and later
./User/Vendor/MSFT/RootCATrustedCertificates/TrustedPublisher/{CertHash}/EncodedCertificate

Specifies the X.509 certificate as a Base64-encoded string. The Base-64 string value can't include extra formatting characters such as embedded linefeeds, etc.

Description framework properties:

Property name Property value
Format b64
Access Type Add, Get, Replace

User/TrustedPublisher/{CertHash}/IssuedBy

Scope Editions Applicable OS
✅ Device
✅ User
✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC
✅ Windows 10, version 1511 [10.0.10586] and later
./User/Vendor/MSFT/RootCATrustedCertificates/TrustedPublisher/{CertHash}/IssuedBy

Returns the name of the certificate issuer. This is equivalent to the Issuer member in the CERT_INFO data structure.

Description framework properties:

Property name Property value
Format chr (string)
Access Type Get

User/TrustedPublisher/{CertHash}/IssuedTo

Scope Editions Applicable OS
✅ Device
✅ User
✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC
✅ Windows 10, version 1511 [10.0.10586] and later
./User/Vendor/MSFT/RootCATrustedCertificates/TrustedPublisher/{CertHash}/IssuedTo

Returns the name of the certificate subject. This is equivalent to the Subject member in the CERT_INFO data structure.

Description framework properties:

Property name Property value
Format chr (string)
Access Type Get

User/TrustedPublisher/{CertHash}/TemplateName

Scope Editions Applicable OS
✅ Device
✅ User
✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC
✅ Windows 10, version 1511 [10.0.10586] and later
./User/Vendor/MSFT/RootCATrustedCertificates/TrustedPublisher/{CertHash}/TemplateName

Returns the certificate template name. Supported operation is Get.

Description framework properties:

Property name Property value
Format chr (string)
Access Type Get

User/TrustedPublisher/{CertHash}/ValidFrom

Scope Editions Applicable OS
✅ Device
✅ User
✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC
✅ Windows 10, version 1511 [10.0.10586] and later
./User/Vendor/MSFT/RootCATrustedCertificates/TrustedPublisher/{CertHash}/ValidFrom

Returns the starting date of the certificate's validity. Supported operation is Get. This is equivalent to the NotBefore member in the CERT_INFO structure.

Description framework properties:

Property name Property value
Format chr (string)
Access Type Get

User/TrustedPublisher/{CertHash}/ValidTo

Scope Editions Applicable OS
✅ Device
✅ User
✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC
✅ Windows 10, version 1511 [10.0.10586] and later
./User/Vendor/MSFT/RootCATrustedCertificates/TrustedPublisher/{CertHash}/ValidTo

Returns the expiration date of the certificate. Supported operation is Get. This is equivalent to the NotAfter member in the CERT_INFO structure.

Description framework properties:

Property name Property value
Format chr (string)
Access Type Get

User/UntrustedCertificates

Scope Editions Applicable OS
✅ Device
✅ User
✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC
✅ Windows 10, version 1803 [10.0.17134] and later
./User/Vendor/MSFT/RootCATrustedCertificates/UntrustedCertificates

Node for certificates that aren't trusted. IT admin can use this node to immediately flag certificates that have been compromised and no longer usable.

Description framework properties:

Property name Property value
Format node
Access Type Get

User/UntrustedCertificates/{CertHash}

Scope Editions Applicable OS
✅ Device
✅ User
✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC
✅ Windows 10, version 1803 [10.0.17134] and later
./User/Vendor/MSFT/RootCATrustedCertificates/UntrustedCertificates/{CertHash}

Defines the SHA1 hash for the certificate. The 20-byte value of the SHA1 certificate hash is specified as a hexadecimal string value.

Description framework properties:

Property name Property value
Format node
Access Type Delete, Get
Dynamic Node Naming UniqueName: Defines the SHA1 hash for the certificate. The 20-byte value of the SHA1 certificate hash is specified as a hexadecimal string value.

User/UntrustedCertificates/{CertHash}/EncodedCertificate

Scope Editions Applicable OS
✅ Device
✅ User
✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC
✅ Windows 10, version 1803 [10.0.17134] and later
./User/Vendor/MSFT/RootCATrustedCertificates/UntrustedCertificates/{CertHash}/EncodedCertificate

Specifies the X.509 certificate as a Base64-encoded string. The Base-64 string value can't include extra formatting characters such as embedded linefeeds, etc.

Description framework properties:

Property name Property value
Format b64
Access Type Add, Get, Replace

User/UntrustedCertificates/{CertHash}/IssuedBy

Scope Editions Applicable OS
✅ Device
✅ User
✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC
✅ Windows 10, version 1803 [10.0.17134] and later
./User/Vendor/MSFT/RootCATrustedCertificates/UntrustedCertificates/{CertHash}/IssuedBy

Returns the name of the certificate issuer. This is equivalent to the Issuer member in the CERT_INFO data structure.

Description framework properties:

Property name Property value
Format chr (string)
Access Type Get

User/UntrustedCertificates/{CertHash}/IssuedTo

Scope Editions Applicable OS
✅ Device
✅ User
✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC
✅ Windows 10, version 1803 [10.0.17134] and later
./User/Vendor/MSFT/RootCATrustedCertificates/UntrustedCertificates/{CertHash}/IssuedTo

Returns the name of the certificate subject. This is equivalent to the Subject member in the CERT_INFO data structure.

Description framework properties:

Property name Property value
Format chr (string)
Access Type Get

User/UntrustedCertificates/{CertHash}/TemplateName

Scope Editions Applicable OS
✅ Device
✅ User
✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC
✅ Windows 10, version 1803 [10.0.17134] and later
./User/Vendor/MSFT/RootCATrustedCertificates/UntrustedCertificates/{CertHash}/TemplateName

Returns the certificate template name. Supported operation is Get.

Description framework properties:

Property name Property value
Format chr (string)
Access Type Get

User/UntrustedCertificates/{CertHash}/ValidFrom

Scope Editions Applicable OS
✅ Device
✅ User
✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC
✅ Windows 10, version 1803 [10.0.17134] and later
./User/Vendor/MSFT/RootCATrustedCertificates/UntrustedCertificates/{CertHash}/ValidFrom

Returns the starting date of the certificate's validity. Supported operation is Get. This is equivalent to the NotBefore member in the CERT_INFO structure.

Description framework properties:

Property name Property value
Format chr (string)
Access Type Get

User/UntrustedCertificates/{CertHash}/ValidTo

Scope Editions Applicable OS
✅ Device
✅ User
✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC
✅ Windows 10, version 1803 [10.0.17134] and later
./User/Vendor/MSFT/RootCATrustedCertificates/UntrustedCertificates/{CertHash}/ValidTo

Returns the expiration date of the certificate. Supported operation is Get. This is equivalent to the NotAfter member in the CERT_INFO structure.

Description framework properties:

Property name Property value
Format chr (string)
Access Type Get

Configuration service provider reference