Certificates: Several nodes in the applet's tree list are just box characters

[Vanguard]

When I run the Certificates applet (certmgr.msc), the tree list of various
categories of certificates has three first-level nodes that are composed of
squarebox characters, so the tree list looks like:

Certificates - Current User
|_ Personal
|_ Trusted Root Certification Authorities
|_ Enterprise Trust
|_ Intermediate Certificate Authorities
|_ Active Directory User Object
|_ Trusted Publishers
|_ Untrusted Certificates
|_ Third-Party Root Certification Authorities
|_ Trusted People
|_ #
|_ #
|_ #####k

In the above, the # character was used to represent the squarebox character
displayed in the applet's tree nodes. Selecting them shows no object types
under those nodes.

Are the first 9 nodes from Personal to Trusted People the only ones that
should show up in the tree list? Or am I missing some categories? When I
go into Internet Options -> Content -> Certificates, the tabs listed at the
top for the certificate categories are:

Personal
Other People
Intermediate Certification Authorities
Trusted Root Certification Authorities
Trusted Publishers
Untrusted Publishers

So this list has 6 categories while the Certificates MMC applet has 9 (plus
the 3 malnamed ones). If I run the MMC applet (mmc.exe) and add the
Certificates snap-in for current user and another for local computer, I see
the nodes with the squarebox characters.

Besides the certs that are added during Windows XP installation, the only
cert added since then is for EFS (for my account).

 

[Vanguard]

When I run the Certificates applet (certmgr.msc), the tree list of various
categories of certificates has three first-level nodes that are composed
of squarebox characters, so the tree list looks like:

Certificates - Current User
|_ Personal
|_ Trusted Root Certification Authorities
|_ Enterprise Trust
|_ Intermediate Certificate Authorities
|_ Active Directory User Object
|_ Trusted Publishers
|_ Untrusted Certificates
|_ Third-Party Root Certification Authorities
|_ Trusted People
|_ #
|_ #
|_ #####k

In the above, the # character was used to represent the squarebox
character displayed in the applet's tree nodes. Selecting them shows no
object types under those nodes.

Are the first 9 nodes from Personal to Trusted People the only ones that
should show up in the tree list? Or am I missing some categories? When I
go into Internet Options -> Content -> Certificates, the tabs listed at
the top for the certificate categories are:

Personal
Other People
Intermediate Certification Authorities
Trusted Root Certification Authorities
Trusted Publishers
Untrusted Publishers

So this list has 6 categories while the Certificates MMC applet has 9
(plus the 3 malnamed ones). If I run the MMC applet (mmc.exe) and add the
Certificates snap-in for current user and another for local computer, I
see the nodes with the squarebox characters.

Besides the certs that are added during Windows XP installation, the only
cert added since then is for EFS (for my account).

Guess no one has seen this.

 

[Rock]

Guess no one has seen this.

It's the same in my system for both the certificates manager and IE. I
also added an EFS certificate.

 

[Vanguard]

It's the same in my system for both the certificates manager and IE. I
also added an EFS certificate.

Well, I found in the registry where these box-character named certificate
groups were defined. They are under:

HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates

There are subkeys which use the box character as their key name. I exported
these keys into .reg files and deleted them from the registry. Don't know
what screwed up in naming them and doubt that they are actually needed or
used. There were no certificates listed under these box-character named
registry keys.

 

[Rock]

Well, I found in the registry where these box-character named
certificate groups were defined. They are under:

HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates

There are subkeys which use the box character as their key name. I
exported these keys into .reg files and deleted them from the registry.
Don't know what screwed up in naming them and doubt that they are
actually needed or used. There were no certificates listed under these
box-character named registry keys.

Why are you concerned about it?

 

[Vanguard]

Why are you concerned about it?

Because the box-character named certificate groups might have been
legitimate groups but incorrectly named. That's why I was asking what
others have listed for certificate groups (that don't have any with the
box-character named groups) to see which one were expected or a minimal set
of groups. Having someone misspell your name doesn't make you stop
existing, so the misspelled certificate groups might actually be legitimate
groups under their correct name. The groups appear identified by a name in
the registry rather than an index number (which is often used in the
registry). For example, all the accounts defined in Outlook Express are
identified by an 8-digit hexadecimal index as the key name, not by the name
you give to that account. If the reference to a certificate group were
other than by its name, those groups might actually be used for some class
of certificates (for which I don't have any yet).

Because the certificate groups are identified by name, and because it is
unlikely that any other references would use the box characters to identify
under which group to store a certificate type, it seems these are bogus
groups defined in the registry. However, it is possible that there supposed
to be more than groups than I listed (sans the box-named groups). If, for
example, other users saw a certificate group named "Pirated Certificates"
(which were grouped separately from the "Untrusted Certificates" group) then
I would know that one of the box-named groups should have probably been
named "Pirated Certificates" and that I would have to resolve the issue of
figuring out what the box-named groups should have really been named.

I listed the groups that Certificate Manager shows on *my* host hoping that
everyone else also sees only those same groups, and that my box-named groups
are "extra" or bogus groups that I could delete without later consequences.
You ask why I care. I ask why you are afraid of deleting them if you
believe they are "don't care" or bogus groups? There must be some reason
why you believe that you should not delete them. You ask why delete them.
I answer because I don't like seeing undefined entries because maybe they
are supposed to be defined but differently named. In reply to your reply, I
ask why not delete them to cleanup the output of the Certificate Manager and
not cause concern by any user of that host.

 

[David Candy]

Copy the box characters to Wordpad, select them one by one and press Alt + X. They will convert to the hexidecimal value of the unicode character. Character map can search for them by hexidecimal number. Then you'll know what it says. The font used can't show the character.

Hex To Unicode IME
In programs based on the Rich Edit 3 control, such as Wordpad, enter a unicode number in hexidecimal format into the document then press Alt + X. This will convert the number typed into the unicode character. Select a character and press Alt + X to convert that character into it's unicode number.

Selecting letters A to E will result in it being considered a hexidecimal number and it will convert to the unicode characters (which are things like form feed and the enter key).

To convert hexidecimal to decimal start Windows Calculator (type calc in Start - Run or Start - All Programs - Accessories - Calculator) and choose Scientific from the View menu. Select Hex, enter the number, and click Dec. Hex and Decimal are also on the View menu.

 

[Vanguard]

"David Candy" <.> wrote in message
Copy the box characters to Wordpad, select them one by one and press Alt +
X. They will convert to the hexidecimal value of the unicode character.
Character map can search for them by hexidecimal number. Then you'll know
what it says. The font used can't show the character.

Hex To Unicode IME
In programs based on the Rich Edit 3 control, such as Wordpad, enter a
unicode number in hexidecimal format into the document then press Alt + X.
This will convert the number typed into the unicode character. Select a
character and press Alt + X to convert that character into it's unicode
number.


--- REPLY SEPARATOR ---

Didn't know about that shortcut (but then I didn't find it in the help,
either). I did what you suggested. Below is a copy of the .reg file lines,
all under the HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates key
(denoted by the "..." to shorten the line), that have the box characters in
the key name (I'm not sure how they will appear when you see this):

....\ä…ƒ
....\ä…ƒ\Certificates
....\ä…ƒ\CRLs
....\ä…ƒ\CTLs
....\å¥
....\å¥\Certificates
....\å¥\CRLs
....\å¥\CTLs
....\䉳䉳䉳䉳䉳k
....\䉳䉳䉳䉳䉳k\Certificates
....\䉳䉳䉳䉳䉳k\CRL
....\䉳䉳䉳䉳䉳k\CTLs

When I used your technique to convert them to their Unicode hex value, I got
(the values are shown in braces to delineate them from each other):

....\{4143}
....\{4143}\Certificates
....\{4143}\CRLs
....\{4143}\CTLs
....\{594D}
....\{594D}\Certificates
....\{594D}\CRLs
....\{594D}\CTLs
....\{6441}{7264}{7365}{4273}{6F6F}k
....\{6441}{7264}{7365}{4273}{6F6F}k\Certificates
....\{6441}{7264}{7365}{4273}{6F6F}k\CRLs
....\{6441}{7264}{7365}{4273}{6F6F}k\CTLs

Although the first 4 lines looked to be duplicated, the second 4 with the
single box character were for a different Unicode value.

Character Map wasn't finding any of these Unicode values, so I had to hunt
for a Unicode lookup table somewhere. I found
http://www.unicode.org/charts/ where I could do a lookup on the character
code. That led me to http://www.unicode.org/charts/PDF/U4E00.pdf.
Apparently everyone reading the document is assumed to know what "CJK" means
(i.e., they don't follow documentation standards where the entire phrase is
displayed on it first use and abbreviated thereafter). My guess is it is
some Chinese character set. It's a PDF doc using a huge graphic image to
show the characters so I cannot copy and paste them here.

I don't read Chinese, so it's all Chinese to me rolleyes. Now why would
Microsoft use Chinese characters for registry key names for categories of
certificates? I don't have a Chinese version of Windows.

 

[Rock]

Vanguard wrote:

Because the box-character named certificate groups might have been
legitimate groups but incorrectly named.

<snip>

I still don't understand why you are concerned and why you felt the need
to delete them. Was it creating a problem?