/bundles/itninjaweb/img/Breadcrumb_cap_w.png
Hi, I'm working on an MSI package which needs to install some software and also needs to import a P12 (PFX) certificate. To install this certificate I use winhttpcertcfg.exe in Active Setup. There's only one problem, it's not completely silent, it shows a dialog box asking "Do you want to install this certificate?" with Yes or No button. Is there a way to suppress this or do you know a better way to import this kind of certificates silently?

Thanks in advance,

Koen
0 Comments   [ - ] Hide Comments

Comments

Please log in to comment

Rating comments in this legacy AppDeploy message board thread won't reorder them,
so that the conversation will remain readable.
Answer this question or Comment on this question for clarity

Answers

0
[font="trebuchet ms"]I am having a problem importing a PFX cert (p12) into the personal store. When I do it manually, I get 2 entries in Console Root\Certificates(Local Computer)\Personal. [font="trebuchet ms"]However, when I do it from a commandline or script, I get only 1 entry in Console Root\Certificates(Local Computer)\Trusted Root certification authorities. [font="trebuchet ms"]The commandlines I have attempted to use with similar results are:
[font="trebuchet ms"]

winhttpcertcfg.exe -i Pfxfile -c LOCAL_MACHINE\My -a %COMPUTERNAME% -p password
winhttpcertcfg.exe -i Pfxfile -c LOCAL_MACHINE\My -a %USERNAME% -p password
Answered 08/07/2008 by: kiptek
Second Degree Green Belt

Please log in to comment
0
Hmmmmmm! no takers...? [:(]
Answered 08/11/2008 by: kiptek
Second Degree Green Belt

Please log in to comment
0
Hello,
I also have to import one certificate in the personal part. Well, but I dont get it to work. The certificate has no password but it doesnt matter how I use the WinHttpCert tool, it will not appear. Can please anybody help me with that?

Thx
Answered 12/20/2008 by: mac-duff
Second Degree Blue Belt

Please log in to comment
0
Hi,
I ve found for my problem another solution, the capicom.dll
Answered 12/20/2008 by: mac-duff
Second Degree Blue Belt

Please log in to comment
0
Have you tried replacing LOCAL_MACHINE/MY with CURRENT_USER\MY? If you need a distribution method for several users needing different .p12 files, here's a vbscript to make things easy.
-------------
Dim CertFilepath, CertFilename, CertTool, CertToolSwitches, CertToolSwitches1, cmd, wsh

'Initialize global variables

CertFilepath = "P:\Folder1\"
CertTool = """C:\Program Files\Windows Resource Kits\Tools\winhttpcertcfg.exe"""
CertToolSwitches = "-i"
Set WshNet = WScript.CreateObject("WScript.Network")
Set wsh = WScript.CreateObject("WScript.Shell")

'Show what you got
'WScript.Echo "Username: " & WshNet.Username

'Associated Users to specific certificate filenames
Select Case LCase(WshNet.Username)
Case "user1" CertFilename = "File1.p12 -c CURRENT_USER\MY -a %USERNAME% -p Password"
Case "user2" CertFilename = "File2.p12 -c CURRENT_USER\MY -a %USERNAME% -p Password"
Case "user3" CertFilename = "File3.p12 -c CURRENT_USER\MY -a %USERNAME% -p Password"
Case "user4" CertFilename = "File4.p12 -c CURRENT_USER\MY -a %USERNAME% -p Password"

End Select

'Again show what you got
'WScript.Echo "Certificate filename: " & CertFilepath+CertFilename
'Construct execute commmand
cmd = CertTool & " " & CertToolSwitches & " " & CertFilepath & CertFilename

'Show what you got
'wScript.echo "Execute command: " & cmd
wsh.Run cmd
------------
Hope this helps some, it's the only way I could get it to function for me.
Answered 02/03/2009 by: djaveri
Yellow Belt

Please log in to comment