How to verify the security of certificates installed in Windows

Sigcheck is a useful tool provided free of charge by Microsoft to check your computer for harmful digital certificates. 

You can download it from the Ms-TechNet website. 

 You can download it from the site, click on  How to use and once you have downloaded the tool and extracted the .zip, open a prompt window on the folder (by pressing the SHIFT key and right-clicking on an empty area inside the folder). 

 

In the prompt window that appears, enter the following command: 

sigcheck -tv 

and press ENTER. 

When prompted for scan authorisation, click on I Agree. 

The certificates detected in the computer will be listed and its validity for each one will be indicated . 

 

If you find an invalid certificate, you could delete it from the computer by opening the Windows Certificate Management Console: 

1- Right-click on the Windows start menu logo and open ‘Run’ (alternatively, press the Win+R combination)2- Insert and execute the command 

certmgr.msc 

3- Open the section “Trusted root certification authorities” and then open “Certificates”. 

4- Select and remove the malicious certificate. 

Other uses  

The tool can also be used to scan a folder while looking for digitally unsigned files. 

For example, with the following command: 

sigcheck -u -e c:\windows\system32 

the system32 folder will be scanned and the signed or unsigned files will be listed. 

Share on Social Media