0X80092005

Fix CRYPT_E_EXISTS (0x80092005) Error Fast

Cybersecurity & Malware Intermediate 👁 0 views 📅 May 26, 2026

The object or property already exists. Usually shows up when installing software or certificates. Here's how to kill it in 30 seconds or dig deeper.

30-Second Fix: Clear the Duplicate

This error is dead simple 9 times out of 10. You're trying to install a certificate that's already in your Windows certificate store. The installer sees the same thumbprint and refuses to write it again.

Open the Microsoft Management Console (MMC) with certificate snap-in:

  1. Hit Win + R, type certlm.msc (for local machine) or certmgr.msc (for current user).
  2. Expand PersonalCertificates. Look for the cert you're trying to install. If you see it, right-click and Delete.
  3. Try installing your certificate again.

Had a client last month whose whole team couldn't install a code-signing cert on their dev machines. One guy had it from a previous project. Took me 10 seconds to delete it. They bought me lunch.

If you still see the error after deleting, the duplicate might be hiding in a different store (like Trusted Root Certification Authorities or Trusted Publishers). Check those too.

5-Minute Fix: Nuke the Doubles with PowerShell

Got a pile of certificates and can't spot the duplicate manually? Use PowerShell to find and remove by thumbprint.

First, find the thumbprint of the certificate you're trying to install. Usually it's in the .cer or .pfx file. Open it, go to Details tab, and copy the Thumbprint.

Then run this in an elevated PowerShell window:

Get-ChildItem -Path Cert:\LocalMachine\My | Where-Object { $_.Thumbprint -eq "YOUR_THUMBPRINT_HERE" } | Remove-Item

Replace LocalMachine\My with the correct store path if needed. Common paths:

  • Cert:\LocalMachine\Root – Trusted Root Certification Authorities
  • Cert:\LocalMachine\TrustedPublisher – Trusted Publishers
  • Cert:\CurrentUser\My – Current user's personal store

Run the same command for each store where the duplicate might live. Then reinstall. If the error's gone, you're done.

Pro tip: If you're installing a .pfx with a private key, the duplicate might be in the user's store even if you're installing to the machine store. Check both. I've seen this with SQL Server certificates where the installer jams it into the wrong store without telling you.

15-Minute Fix: Deep Clean with Certutil

If the fast and moderate fixes didn't work, the error might be caused by a corrupted certificate store or a certificate that's been partially installed but flagged as existing by the crypto API.

Step 1: Dump all certificates to a file.

certutil -store My > C:\temp\certs.txt

Open that file. Search for the thumbprint or subject name of your certificate. Note the Serial Number (it's usually in hex).

Step 2: Delete by serial number.

Elevated command prompt:

certutil -delstore My "SERIAL_NUMBER_HEX"

But here's the trick – sometimes the store is corrupt and delstore fails silently. If you get an access denied or the deletion doesn't stick, you need to nuke the store file directly.

Step 3: Delete the store file (last resort).

Stop the Cryptographic Services service:

net stop cryptsvc

Then delete the store file. For the machine store, it's in:

C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys

Find the file that matches your certificate's unique ID (it's a GUID file name). You can identify it by checking the file properties – the friendly name often shows up. Delete it.

Restart the service:

net start cryptsvc

Now try installing your certificate fresh.

Warning: This is the nuclear option. Deleting the wrong file can break other certificates. Only do this if you're certain the file belongs to the duplicate and you have backups of any important certs.

Why This Error Happens (The Real Story)

CRYPT_E_EXISTS is Windows' way of saying “I already have this certificate, stop trying to shove it in.” It's not a bug, it's a feature – but it's a pain when the duplicate isn't visible.

Common triggers:

  • Reinstalling the same .pfx after a previous install didn't fully clean up.
  • Running an installer that bundles a certificate (seen this with Cisco VPN clients and some database drivers).
  • Using MDT or SCCM to push certificates to machines that already have them.
  • Manually importing a cert via double-click and not realizing it's already there.

Most folks spend hours reinstalling software or rebuilding machines when all they needed was a quick delete. Don't be that guy.

“Spent two hours on a ticket once. The user had installed the same certificate three times trying to fix a different error. Told him to stop double-clicking everything.” – Actual experience.

If none of these steps fix it, check your antivirus or endpoint protection. Some tools lock certificate stores (I'm looking at you, McAfee). Temporarily disable real-time scanning, install the cert, then re-enable. But start with the 30-second fix – 9 times out of 10, that's all you need.

Was this solution helpful?

CRYPT_E_EXISTS 0x80092005 certificate error object already exists Windows certificate store crypt32.dll certificate installation fails Microsoft update error SQL Server certificate error Windows 10 certificate issue Windows 11 certificate error fix certificate conflict delete duplicate certificate certlm.msc certmgr.msc