PSPKI vs certutil

Tagged: , ,

This topic contains 1 reply, has 2 voices, and was last updated by Profile photo of Don Jones Don Jones 5 months ago.

  • Author
  • #63863
    Profile photo of Simon M
    Simon M

    Hi all,
    Not sure how many people are using Powershell in combination with PSPKI (, but I have a curious issue here.
    I am using PSPKI to submit CSRs to our CA and issue them. Obviously, you can do the same with your certutil command.
    One of our admins generated a CSR that I was able to successfully submit using the powershell script. I was able to give him a valid CER file, but he was unable to upload it into his applicance (error said: invalid file). I was able to open the CER on my PC, and could not find anything wrong with it. Using the very same CSR and pushing it through the certutil command, I am able to retrieve another CER file that can be installed on the appliance without any issues. When I open up both CER files on my computer, I am able to compare them, but I can't find any difference between the two.

    Any ideas on how to troubleshoot that? PSPKI has been working fine without any issues so far.


  • #64399
    Profile photo of Don Jones
    Don Jones

    Sounds weird. I'd try to do a binary-level compare of the files to make sure there weren't any invisible characters or something. Like, are the two CER files exactly the same size, in bytes?

You must be logged in to reply to this topic.