0

UPDATE -- I tried exactly the same thing using Python and it works perfectly !!

import os
os.system('certutil.exe -v -getkey "614D628A00000000014C" C:/Users/kra/kevin')

Could somebody shed some light on this issue please!

If I run this ruby code:

require 'open3'
stdin, stdout, stderr = Open3.popen3('certutil -v -getkey "614D628A00000000014C" C:/Users/kra/kevin')            
puts stdout.read

I get the following error: 

Querying WIN-3CF41NBPT85.demo.com\demo-CA
CommonName: 614D628A00000000014C
CertUtil: -GetKey command FAILED: 0x80092004 (-2146885628)
CertUtil: Cannot find object or property.

However if I run the command directly from the command line, it works.

C:\Users\kra>certutil -getkey "614D628A00000000014C" C:/Users/kra/kevin
Querying WIN-3CF41NBPT85.cjndemo.com\cjndemo-CA.....................

"WIN-3CF41NBPT85.demo.com\demo-CA"
  Serial Number: 614d628a00000000014c
  Subject: CN=Kevin, C=GB
   NotBefore: 11/30/2012 10:20 AM
   NotAfter: 5/7/2013 9:29 AM
  Template: Copy of Web Server
  Version: 3
  Cert Hash(sha1): 88 b1 7a 74 8c be 73 d5 16 07 7f 19 16 57 14 c5 dd a9 79 7f


Recipient Info[0]:
CMSG_KEY_TRANS_RECIPIENT(1)
CERT_ID_ISSUER_SERIAL_NUMBER(1)
    Serial Number: 129e45d3000000000130
    Issuer: CN=demo-CA, DC=demo, DC=com
    Subject: CN=kra, CN=Users, DC=demo, DC=com
CertUtil: -GetKey command completed successfully.

Interestingly if I run this ruby code:- 

require 'open3'
stdin, stdout, stderr = Open3.popen3('certutil -recoverkey -p lexicon C:\Users\kra\kevin C:\Users\kra\kevin.pfx')
puts stdout.read

It also works.

Computed Hash: 6e d3 b8 ad 93 16 7b f0 fb b3 f5 cd 7e e4 bb ad fb 95 a0 81

User Certificate:
    Serial Number: 614d628a00000000014c
    Issuer: CN=demo-CA, DC=demo, DC=com
    Subject: CN=Kevin, C=GB
    Cert Hash(sha1): 88 b1 7a 74 8c be 73 d5 16 07 7f 19 16 57 14 c5 dd a9 79 7f
CertUtil: -RecoverKey command completed successfully.

I'm assuming its some kind of weird environmental thing because clearly ruby is able to call the certutil.exe command?

Improve this question
4
  • Try omitting the quotation marks from the argument to "-getkey". Your command shell likely strips them out while the Ruby exec (popen3) command might not. Commented Nov 30, 2012 at 20:39
  • Yes - Tried this. It didn't make any difference. Commented Nov 30, 2012 at 21:06
  • Have you tried using system(...) or backquotes (output = %x(...)) in Ruby? Commented Nov 30, 2012 at 21:33
  • Yeah tried that - same problem though! Commented Nov 30, 2012 at 23:54

1 Answer 1

Reset to default
1

The first parameter for Open3.popen3 is the environment you want to pass to the sub-command. I've had to use this to get things working as I expected on occasion:

Open3.popen3(ENV, 'command') { ... }

which passes the current script's environment to the sub-command. The current script will have inherited its environment from the command-line, so, theoretically, the sub-command will have the same information the command issued at the command-line did.

If necessary, you can also extract subsets of ENV, or temporarily overwrite variables before calling popen3.

Instead of popen3, try using capture3. It's very similar, but I consider it a bit less low-level. I've seen some weird behavior with popen3 that capture3 avoided nicely. Also, again, notice that you can pass in ENV.

Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

So I tried stdin, stdout, stderr = Open3.popen3(ENV, 'certutil.exe -v -getkey "614D628A00000000014C" C:/Users/kra/kevin'). But it did'nt seem to help!
OK - Just tried capture3 - unfortunately it doesn't help. Same result as popen3. Crazy thing is if I call the python script above it works, if I put the string in a batch file it doesn't!

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.