Re: Silent installation of Root Certificates?

From: Torgeir Bakken (
Date: 09/25/02

From: Torgeir Bakken <>
Date: Wed, 25 Sep 2002 03:49:25 +0200

Jim Reed wrote:

> It there a mechaniasm for performing a silent
> installation of a .cer file into IE 5.0 browsers? The
> default user expereince for installing a root certificate
> is pretty elaborate for novices.
> Is there an C++ API that will perform the install? That
> way we could use activeX to make it easier for end users.
> Are there any other tools to make this experience easier
> for novice end users?


You can use vbscript and CAPICOM

Introducing CAPICOM

At Mitch Gallants site you will find examples

of CAPICOM used by VBScript.

Alternatively, you can use the command line utility certmgr.exe, a
cryptoAPI/Authenticode tool from MS (and also Certutil.exe I suppose).

To add a certificate to the "Trusted Root Certification Authorities" in

certmgr.exe -add -c "<cert-file>" -s -r localMachine root

More information can be found here:

******* Certmgr.exe *******
Download certmgr.exe from:
Authenticode for Internet Explorer 5.0

Certificate Manager Tool (Certmgr.exe)

Using CertMgr

******* Certutil.exe *******
Using Certutil.exe to Manage and Troubleshoot Certificate Services

Using the Certificate Services Command-Line Programs