Repackaging Certificates
HI
I Have repackaged a set of certificates used for a web based application with wise
The problem I have is during the deployment of the msi.
the msi deploys ok on some client pc 's but not on other pc's with exactly the same build.
all the individual clients have the same admin rights
the op is win 2000
the error that I am getting is error 1406 " could not write value certificates to key"
hkcu/software/microsoft/systemcertificates/root/protectedroots
please any ideas will be much appreciated
I Have repackaged a set of certificates used for a web based application with wise
The problem I have is during the deployment of the msi.
the msi deploys ok on some client pc 's but not on other pc's with exactly the same build.
all the individual clients have the same admin rights
the op is win 2000
the error that I am getting is error 1406 " could not write value certificates to key"
hkcu/software/microsoft/systemcertificates/root/protectedroots
please any ideas will be much appreciated
0 Comments
[ + ] Show comments
Answers (9)
Please log in to answer
Posted by:
jaybee96
19 years ago
I have the following solution to implement a certificate:
1. Download the .Net SDK which contains the certmgr.exe tool.
2. put the certmgr.exe tool and the certificate.cer in one folder
3. use the following commandline parameter:
certmgr.exe -add -all certifcatename.cer -s -r localmachine Root
you can wrap this up in a msi or whatever you like....
greetz,
Jeroen
1. Download the .Net SDK which contains the certmgr.exe tool.
2. put the certmgr.exe tool and the certificate.cer in one folder
3. use the following commandline parameter:
certmgr.exe -add -all certifcatename.cer -s -r localmachine Root
you can wrap this up in a msi or whatever you like....
greetz,
Jeroen
Posted by:
plangton
19 years ago
Posted by:
rahvintzu
19 years ago
Posted by:
KPrinz
19 years ago
certmgr.exe -add -all certifcatename.cer -s -r localmachine Root
Works like a charm. Thanks so much for this hint!
And to make things easy, here the download link.
Posted by:
AngelD
19 years ago
To be able to "install" an certificate you must have local administrative privilege which seems to be the case of cygan's users. This wouldn't work in a lookdown environment.
I would use a certificate server that publish the certificate to the end user, which will also do the trick to change the certificate when needed in a easier manner.
I would use a certificate server that publish the certificate to the end user, which will also do the trick to change the certificate when needed in a easier manner.
Posted by:
KPrinz
19 years ago
ORIGINAL: MSIMaker
I have to ask though.......does running that command allow users to install any certificate on the workstation?
Uh?
certmgr.exe is the command line tool to the Certificate Import Wizard that you run from inside IE. Nothing else. It just does the same thing on a cmd line to run it from a script.
Posted by:
MSIMaker
19 years ago
Nice pickup Jeroen :)
I have to ask though.......does running that command allow users to install any certificate on the workstation?
If it does then its not a real good solution for a locked down environments because users might visit a website and install certificates that may be dangerous to the enterprise. Having users installing certificates from websites that install browser hijacks could be very embarrassing indeed.
I have to ask though.......does running that command allow users to install any certificate on the workstation?
If it does then its not a real good solution for a locked down environments because users might visit a website and install certificates that may be dangerous to the enterprise. Having users installing certificates from websites that install browser hijacks could be very embarrassing indeed.
Rating comments in this legacy AppDeploy message board thread won't reorder them,
so that the conversation will remain readable.
so that the conversation will remain readable.