Hi, I'm working on an MSI package which needs to install some software and also needs to import a P12 (PFX) certificate. To install this certificate I use winhttpcertcfg.exe in Active Setup. There's only one problem, it's not completely silent, it shows a dialog box asking "Do you want to install this certificate?" with Yes or No button. Is there a way to suppress this or do you know a better way to import this kind of certificates silently?

Thanks in advance,

Koen
0 Comments   [ + ] Show Comments

Comments

Please log in to comment

Rating comments in this legacy AppDeploy message board thread won't reorder them,
so that the conversation will remain readable.

Answers

0
[font="trebuchet ms"]I am having a problem importing a PFX cert (p12) into the personal store. When I do it manually, I get 2 entries in Console Root\Certificates(Local Computer)\Personal. [font="trebuchet ms"]However, when I do it from a commandline or script, I get only 1 entry in Console Root\Certificates(Local Computer)\Trusted Root certification authorities. [font="trebuchet ms"]The commandlines I have attempted to use with similar results are:
[font="trebuchet ms"]

winhttpcertcfg.exe -i Pfxfile -c LOCAL_MACHINE\My -a %COMPUTERNAME% -p password
winhttpcertcfg.exe -i Pfxfile -c LOCAL_MACHINE\My -a %USERNAME% -p password
Answered 08/07/2008 by: kiptek
Second Degree Green Belt

Please log in to comment
0
Hmmmmmm! no takers...? [:(]
Answered 08/11/2008 by: kiptek
Second Degree Green Belt

Please log in to comment
0
Hello,
I also have to import one certificate in the personal part. Well, but I dont get it to work. The certificate has no password but it doesnt matter how I use the WinHttpCert tool, it will not appear. Can please anybody help me with that?

Thx
Answered 12/20/2008 by: mac-duff
Second Degree Blue Belt

Please log in to comment
0
Hi,
I ve found for my problem another solution, the capicom.dll
Answered 12/20/2008 by: mac-duff
Second Degree Blue Belt

Please log in to comment
0
Have you tried replacing LOCAL_MACHINE/MY with CURRENT_USER\MY? If you need a distribution method for several users needing different .p12 files, here's a vbscript to make things easy.
-------------
Dim CertFilepath, CertFilename, CertTool, CertToolSwitches, CertToolSwitches1, cmd, wsh

'Initialize global variables

CertFilepath = "P:\Folder1\"
CertTool = """C:\Program Files\Windows Resource Kits\Tools\winhttpcertcfg.exe"""
CertToolSwitches = "-i"
Set WshNet = WScript.CreateObject("WScript.Network")
Set wsh = WScript.CreateObject("WScript.Shell")

'Show what you got
'WScript.Echo "Username: " & WshNet.Username

'Associated Users to specific certificate filenames
Select Case LCase(WshNet.Username)
Case "user1" CertFilename = "File1.p12 -c CURRENT_USER\MY -a %USERNAME% -p Password"
Case "user2" CertFilename = "File2.p12 -c CURRENT_USER\MY -a %USERNAME% -p Password"
Case "user3" CertFilename = "File3.p12 -c CURRENT_USER\MY -a %USERNAME% -p Password"
Case "user4" CertFilename = "File4.p12 -c CURRENT_USER\MY -a %USERNAME% -p Password"

End Select

'Again show what you got
'WScript.Echo "Certificate filename: " & CertFilepath+CertFilename
'Construct execute commmand
cmd = CertTool & " " & CertToolSwitches & " " & CertFilepath & CertFilename

'Show what you got
'wScript.echo "Execute command: " & cmd
wsh.Run cmd
------------
Hope this helps some, it's the only way I could get it to function for me.
Answered 02/03/2009 by: djaveri
Yellow Belt

Please log in to comment
Answer this question or Comment on this question for clarity