How To Create Self-Signed Certificates with Certman

Created by: Brendan Bone
Created date:
Last Updated date:

Introduction: Certman is a utility, bundled with several AccessData products, that can be used to generate self-signed certificates. These certificates can be used with the Enterprise Agent and other AccessData products. The steps below will demonstrate how to use Certman.

 

Prerequisites:

  • Copies of certman.exe and its dependencies, all in the same folder (typically found in "[Drive]:\Program Files\AccessData\Forensic Toolkit\[version]\bin\certman.exe" and also in the attached ZIP)

Procedure:

  1. Open a Command Prompt (as Administrator)
  2. Navigate to the folder containing certman.exe
  3. Run the following command to generate a self-signed public/private key pair:
    certman.exe -n <issuer> <certificate_name>
    Where <issuer> is the name of the local PC where Certman is being run (including domain, if applicable), and <certificate_name> is what you'd like to name the certificate.
  4. Certman will generate a P12 private key package, a KEY file, and a CRT public certificate in the same folder as certman.exe

Example:

If my PC were named "ADPC", on the "adlocal.com" domain, and I wanted my certificates to be named "MyCert", I'd run the following command:

certman.exe -n ADPC.adlocal.com MyCert

This would produce a private key package named MyCert.p12, a key file named MyCert.key, and a public certificate named MyCert.crt.

 

Notes:

  • Certificates generated by Certman are valid for 10 years
  • The resulting P12 is encrypted for use only with AccessData products
  • The resulting P12 and CRT can be used directly in AD Enterprise, AD Lab, FTK, Site Server, and Work Manager, without the need for conversion to ADP12
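
Post-generation check (an added example, not part of the original article or of Certman): the PowerShell below confirms the three files from the "MyCert" example exist, reports the certificate's subject, issuer, validity and thumbprint, and restricts the private key files to Administrators and SYSTEM. It assumes it is run as Administrator from the folder containing certman.exe and that MyCert.crt is a standard X.509 certificate file.

```powershell
# Added example: verify Certman output for "MyCert" and lock down the private key files.
# Assumptions: current folder holds the Certman output; MyCert.crt is a standard X.509 file.
$name  = 'MyCert'
$files = "$name.p12", "$name.key", "$name.crt"

# 1. All three outputs named in the article must exist.
$missing = $files | Where-Object { -not (Test-Path -LiteralPath $_ -PathType Leaf) }
if ($missing) { throw "Missing Certman output: $($missing -join ', ')" }

# 2. Load the public certificate and report what will be deployed.
$crtPath = (Resolve-Path -LiteralPath "$name.crt").Path
$cert    = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 $crtPath
$years   = [math]::Round(($cert.NotAfter - $cert.NotBefore).TotalDays / 365.25, 1)

[pscustomobject]@{
    Subject    = $cert.Subject
    Issuer     = $cert.Issuer
    NotBefore  = $cert.NotBefore
    NotAfter   = $cert.NotAfter
    Years      = $years
    Thumbprint = $cert.Thumbprint   # record this to confirm the same cert is installed elsewhere
} | Format-List

# The article states a 10-year lifetime; flag anything else for review.
if ([math]::Abs($years - 10) -gt 0.1) {
    Write-Warning "Validity is $years years, not the 10 years the article describes."
}

# 3. Remove inherited ACLs from the private key files and grant access only to
#    BUILTIN\Administrators (S-1-5-32-544) and NT AUTHORITY\SYSTEM (S-1-5-18).
foreach ($f in "$name.p12", "$name.key") {
    icacls $f /inheritance:r /grant:r "*S-1-5-32-544:F" /grant:r "*S-1-5-18:F" | Out-Null
    if ($LASTEXITCODE -ne 0) { throw "icacls failed on $f" }
}
```

If a product service that reads the P12 runs under a different account, that account needs read access added after step 3.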