deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-06-18 11:53:37 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Fix certificate deployment verification in Windows

Browse Source 
Hello for Business container
This commit is contained in:
Paolo Matarazzo
2023-12-08 12:36:32 -05:00
parent 7e03be69e3
commit 256dd9895c
1 changed files with 27 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

28
windows/security/identity-protection/hello-for-business/rdp-sign-in.md
View File

@ -190,7 +190,33 @@ The `Generate-CertificateRequest` commandlet generates an `.inf` file for a pre-
## Verify that the certificate is deployed
To verify that the certificate is corretly deployed to the Windows Hello for Business container, follow these steps:
To verify that the certificate is correctly deployed to the Windows Hello for Business container, use the following command:
```cmd
certutil -store -user my
```
The output lists keys and certificates stored in the user store. If a certificate issued from your CA is deployed to the Windows Hello for Business container, the output will display the certificate with a `Provider` value of `Microsoft Passport Key Storage Provider`.
For example:
```cmd
C:\Users\amanda.brady>certutil -store -user my
my "Personal"
================ Certificate 0 ================
Serial Number: 110000001f4c4eccc46fc8f93a00000000001f
Issuer: CN=Contoso - Issuing CA, DC=CONTOSO, DC=COM
NotBefore: 12/8/2023 6:16 AM
NotAfter: 12/7/2024 6:16 AM
Subject: CN=amanda.brady@contoso.com
Non-root Certificate
Template: 1.3.6.1.4.1.311.21.8.2835349.12167323.7094945.1118853.678601.83.11484210.8005739
Cert Hash(sha1): 63c6ce5fc512933179d3c0a5e94ecba98092f93d
Key Container = S-1-12-1-../../login.windows.net/../amanda.brady@contoso.com
Provider = Microsoft Passport Key Storage Provider
Private key is NOT exportable
Encryption test passed
```
## User experience