CertUtil: ERROR_INVALID_ACL (0x80070538) exception when trying to install root certificate on Windows

2

I have a program that installs a certificate to Trusted Root (with user's consent). However, some of the users are unable to use my software due to an exception that occures whenever a command to add a certificate is executed. It happens both when using certutil and powershell.


Certutil

Command: -addstore -user -f root cert.pem

Output: -addstore команда НЕ ВЫПОЛНЕНА: 0x80070538 (WIN32: 1336 ERROR_INVALID_ACL) Список управления доступом (ACL) имеет неверную структуру.

Roughly translates to The access control list structure is invalid.


PowerShell

Command: Import-Certificate -FilePath .\cert.pem -CertStoreLocation Cert:\CurrentUser\Root

Output: https://imgur.com/ZkHHEVx


Unfortunately there's not much about that error on the Internet so in case anyone has had experience with it I'd be greatful if you share.

windows
powershell
certificate
exceptions
certutil
asked on Super User Jan 9, 2019 by alexalok

1 Answer

0

The correct parameters for the certutil command are:

CERTUTIL -addstore -enterprise -f -v root "cert.pem"
answered on Super User Jan 11, 2019 by harrymc

User contributions licensed under CC BY-SA 3.0