Recently moved my root enterprise CA from Server 2008 to Server 2012 and was no longer able to delete pending request or expired certificates with using the -deleterow parameter. The error I was getting:
C:\>certutil -v -deleterow 08/05/2013 Request
CertUtil: -deleterow command FAILED: 0x80070057 (WIN32: 87)
CertUtil: The parameter is incorrect.
After 12 hours of pulling my hair out and verifying ever aspect of the migration I did, it turned out (although not mentioned at all in the certutil command help, e.g. http://technet.microsoft.com/en-us/library/cc732443.aspx#BKMK_deleterow) I had to spell the month rather than use numbers:
C:\>certutil -deleterow Aug/05/2013 Request
Rows deleted: 34
CertUtil: -deleterow command completed successfully.
Muppets at MS, why oh why do you do this to us !?!?!?
Post a Comment