Guide To Utilize Certificate Manager on Windows 10 for Viewing Digital Certificates

Utilize Certificate Manager on Windows 10

Whether it’s a Code Signing Certificate or any other digital certificate, managing them is always crucial. From importing a certificate to updating its details, Windows offers a single program.

Windows Certificate Management is a GUI-based tool helping you with core certificate-associated operations. While working with certificates, you will assuredly come across them. Thence, it’s essential to understand its basics.

And further, you will get to know it step-by-step.

Understanding The Windows Certificate Management Console

Windows Certificate Management Console is an in-built program that helps users to view, organize and manage different digital certificates. It comes in handy with all the new Microsoft Windows operating systems. And it’s getting used for the following purposes:

  • Viewing the details of pre-loaded Root Certificate Authorities
  • Export Code Signing and SSL Certificates
  • Delete Certificate Information
  • Import New Digital Certificates and Modify the details of previous ones.

In addition, it displays only the certificates for the current user. However, if you want to see the certificates associated with the local system, you have to use the snap-in mechanism. In snap-in, you have to add the certificate control to admin controls. But, with the Certificate Manager, you can view all the certificates directly.

Step-By-Step Instructions to View Code Signing Certificate and Other Digital Certificates

Following a few instructions, you can effortlessly view and analyze the details of the Code Signing Certificate, SSL Certificate, and much more. Let’s get started by opening the Windows Certificate Management Console.

Step 1: Opening the Windows Certificate Management Console

To open Certificate Management, you have to use the run command panel. At first, you have to click Windows+R using the keyboard. Then you have to write certmgr.msc in the provided space as displayed below and click OK.

Step 2: Accessing the Certificate Management Console

Once you click on OK in step 1, it will open Certificate Management, similar to the below snippet. You will see various folders categorizing certificates in the left panel. The primary folders include:

  • Personal Certificates
  • Trusted Root Certificate Authorities
  • Trusted Publishers
  • Trusted People
  • Active Directory User Object
  • Intermediate Certificate Authorities
  • Untrusted Certificates and much more

Step 3: Viewing Certificates available in each folder

Windows Certificate Management software allows you to view certificates under each folder. You have to double-click on the folder. It will show you the files in it.

As demonstrated below, to view the certificates in the Personal folder, double-click on them. There is an additional certificate in it with the name Certificates. Now, double-click on the Certificates folder, and you will see all the digital certificates on the right panel in front of it.

In addition, you can view also view the following Certificate details:

  • Issued To (To whom the certificate belongs)
  • Issued By (Name of the Certificate Authority, which has issued it)
  • Expiration Date
  • Intended Purpose
  • Friendly Name

Step 4: Viewing the Trusted Root Certificate Authorities

Likewise, for Personal Certificates, you can also view Root Certificates available on your system.

You have to double-click on the Trusted Root Certification Authorities folder. It will display the Certificates folder inside it. Further, double-click on the Certificates folder, and the system will display information about all the Root Certificates.

The Microsoft Certificate Management Console also displays the total number of certificates in a particular folder. You only have to select a folder, which will display the total value at the bottom. For instance, the console is exhibiting 69 certificates in the Trusted Root Certification Authorities folder in the snippet.

Step 5: Viewing the Trusted Code Signing Certificates

Select and double-click on the Trusted Publishers folder to view the Code Signing Certificate getting trusted by your system. It will display a sub-folder. Further, you have to double-click on the sub-folder with the name Certificates. As a result, you will see all the Code Signing Certificates on your system.

It will include the Code Signing Certificates from the software installed on the device and, by default available ones.

Step 6: Analyzing the Details of a Particular Certificate

In the right panel, where a list of certificates is getting displayed. You have to double-click on any certificate, and a new dialog box will get opened showing Certificate Information.

You can assess the Issue date, expiration date, issuing authority, and all other essential details. It has three different tabs under it. General, Details, and Certification Path. When the dialog box appears, it, by default, shows the information in General Tab.

Step 7: Analyzing Information in Details Tab

You have to single-click on the Details tab to view additional certificate information. Under it, you can consider the following:

  • Version
  • Serial Number
  • Signature Algorithm
  • Signature Hash Algorithm
  • Public Key
  • Public Key Parameters
  • Subject Key Identifier
  • Authority Key Identifier
  • Key Usage
  • Basic Constraints
  • Thumbprint and much more

You have to select any of them to see the extended details of the digital certificate. Moreover, if you want to view such information about the SSL certificate, you can follow the same steps.

Step 8: Looking Over the Certificate Path

The certificate Path helps to determine the root certificate authority. When you click on the Certification Path tab, it will show you a Chain of Trust. In addition, you can view the details of any certificate in the chain by selecting that certificate and then clicking on View Certificate.

Let’s Discover The Best Code Signing Certificate, Seamlessly Accepted By The System

As we have seen in the above steps, that system creates a separate folder for the Trusted and Untrusted Publishers. It means that when a user tries to install software from a trusted developer, it doesn’t show any warning. But, in the case of an untrusted author, SmartScreen and Unknown Publisher Warning gets displayed.

Therefore, you should always buy code signing certificate from an authentic provider. And you must choose a reputed Certificate Authority, such as Comodo or Sectigo.

Whenever you are looking for a provider, you must keep the following checklist handy:

  • The Provider must be an authorized partner of the CA, such as SignMyCode is the partner of Sectigo.
  • All three Code Signing Certificates (IV, OV, and EV) must be available at a single seller.
  • The vendor should provide 24/7 support services along with guides and instruction manuals.
  • The only business of the entity must be of Code Signing Certificate.
  • Compare the price with other vendors to get the best deal.

Wrapping Up

Windows Certificate Management is a cutting-edge tool. It streamlines the export, import, update, deletes, and organize tasks associated with digital certificates. In addition, it aids to view the Chain of Trust associated with a particular certificate.

Accessing the certificate management panel is an easy process. You only have to execute a single command, and it will open. Then, you can select the folder, navigate to the sub-folder and check any certificate you want.

Janki Mehta

Janki Mehta is a Cyber-Security Enthusiast who constantly updates herself with new advancements in the Web/Cyber Security niche. Along with theoretical knowledge, she also implements her practical expertise in day-to-day tasks and helps others to protect themselves from threats.