Difference between revisions of "SSL CA Install"

From WPKG | Open Source Software Deployment and Distribution
Jump to: navigation, search
(General cleanups)
Line 1: Line 1:
I saw that other people have methods of installing Certificate Authority
+
There are probably lots of ways to do this.
certs in windows. Here is one that I have found.
+
  
You will need CertMgr.exe. It can be found in WinSDK / WDK. We'll grab
+
You will need CertMgr.exe. It's part of [http://www.microsoft.com/downloads/details.aspx?FamilyId=FE6F2099-B7B4-4F47-A244-C96D69C35DEC .NET Framework 2.0 Software Development Kit] - you don't need the entire kit on your clients or in your WPKG installation, only CertMgr.exe.
the latest WinSDK, the Vista version which can run on XP Pro as well.
+
  
 +
CertMgr.exe is documented [http://msdn.microsoft.com/en-us/library/e78byta0(VS.80).aspx here]. Basic usage as follows:
  
Note that WinSDK's installer (Setup.exe) needs Net 2.0:
+
%programfiles%\Microsoft.NET\SDK\v2.0\Bin\CertMgr.Exe /add ca-cert.der /all /s /r localMachine root
http://www.microsoft.com/downloads/thankyou.aspx?familyId=0856eacb-4362-4b0d-8edd-aab15c5e04f5&displayLang=en
+
  
 
+
This would install all CAs in ca-cet.der globally, for all users.
(silent install is /q on command line. )
+
 
+
 
+
 
+
Install WinSDK Setup.exe
+
 
+
http://www.microsoft.com/downloads/details.aspx?FamilyId=7614FE22-8A64-4DFB-AA0C-DB53035F40A0&displaylang=en
+
 
+
 
+
Silent install is /q on command line, but you only need the win32
+
utilities. I'm not sure how to select packages with quiet install.
+
 
+
Once WinSDK is installed, you have CertMgr.exe. It's buried in the Bin
+
folder in the SDK directory.
+
 
+
CertMgr.Exe -add ca-cert.der -s -r localMachine root
+
 
+
(leave off -r localMachine for user account install. "my" is the default
+
store for user certs, "root" for machine root certificates.)
+
  
 
Example:  
 
Example:  
Line 39: Line 18:
 
     priority="50"
 
     priority="50"
 
     execute="once">
 
     execute="once">
     <install cmd='%SOFTWARE%\pkg\ssl\CertMgr.Exe -add
+
     <install cmd="%SOFTWARE%\pkg\ssl\CertMgr.Exe /add ca-cert.der /all /s /r localMachine root">
%SOFTWARE%\pkg\ssl\ca-cert.der -s -r localMachine root'>
+
 
     </install>
 
     </install>
 
</package>
 
</package>

Revision as of 16:00, 27 August 2008

There are probably lots of ways to do this.

You will need CertMgr.exe. It's part of .NET Framework 2.0 Software Development Kit - you don't need the entire kit on your clients or in your WPKG installation, only CertMgr.exe.

CertMgr.exe is documented here. Basic usage as follows: 

%programfiles%\Microsoft.NET\SDK\v2.0\Bin\CertMgr.Exe /add ca-cert.der /all /s /r localMachine root

This would install all CAs in ca-cet.der globally, for all users.

Example: 

<package
 id="ssl_cert"
    name="ssl certificate"
    revision="1"
    reboot="false"
    priority="50"
    execute="once">
    <install cmd="%SOFTWARE%\pkg\ssl\CertMgr.Exe /add ca-cert.der /all /s /r localMachine root">
    </install>
</package>
Retrieved from "https://wpkg.org/index.php?title=SSL_CA_Install&oldid=6130"