Re: Deploy Root CA to 98

From: Brian Komar (bkomar_at_nospam.identit.ca)
Date: 08/19/05 

Date: Fri, 19 Aug 2005 06:39:12 -0500

In article <#K5TA51oFHA.3084@TK2MSFTNGP09.phx.gbl>,
jdsms@tribalsimba.net says...
> We have a few 98 machines left, and after implementing our first ever Root
> CA in-house for secure and trusted application deployment is has been
> identified that the Root CA certificate needs to be deployed to these few 98
> machines in addition to our mainstream XP environment.
>
> Ideally I was hoping there was a command line utility like
> "certutil -installCert" on XP, so I could deploy with a simple addition to
> my logon script. Unable to locate a similar command line tool for 98, I was
> hoping one was deployed with Internet Explorer 6.0, but apparently not, as I
> am still running into a brick wall.
>
> Does anyone have any ideas on how to deploy (install) a certificate
> transparently on client Windows 98 computer in an Active Directory Networked
> environment. Group Policy is unable to manipulate 98 machines to my
> knowledge, so if there is a viable route there, I'm happy to explore it. It
> is how I currently deploy the CA to all my other systems.
>
> Thanks,
>
>
>
You could also use a capicom script to install the root as a trusted
root on the Windows 98 computer. There is a script named ctool.vbs on
the CD that accompanies my book that does this.

The Windows 98 client will also require the installation of CAPICOM to
be able to run the script, so as Steve stated, you may be better off
installing the certificate manually unless the WIndows 98 clients run a
logon script, allowing the automated installation of CAPICOM.

Brian
Microsoft® Windows Server=3F 2003 PKI and Certificate Security
http://www.microsoft.com/MSPress/books/6745.asp 

-- 
==
Brian Komar
MVP - Windows - Security
http://www.identit.ca/blogs/brian

Relevant Pages

  • Re: Microsoft Warns of New Windows Flaw (March 19, 2003 )
    ... In WINDOWS SETUP in ADD/REMOVE PROGRAMS of Control Panel ... Uninstall Outlook Express, ... Java, Javascript, ActiveX and all the other script runner toys Billy ... Install WebWasher the spammers are terrified of free from ...
    (comp.security.misc)
  • Re: Microsoft Warns of New Windows Flaw (March 19, 2003 )
    ... In WINDOWS SETUP in ADD/REMOVE PROGRAMS of Control Panel ... Uninstall Outlook Express, ... Java, Javascript, ActiveX and all the other script runner toys Billy ... Install WebWasher the spammers are terrified of free from ...
    (comp.security.firewalls)
  • RE: Location of web root
    ... Subject: Location of web root ... during install) pointing out that a Custom install will allow for a more ... in a different folder off C:. ... were the script kiddie, how would you exploit the machine. ...
    (Security-Basics)
  • Re: Windowz convert wants to know why he should not be root???
    ... Throwing myt $.02 in here as a fellow Windows user... ... In Linux you can run as normal user yet still type in a root password any ... (We were switching from a self-managed install paradigm ...
    (alt.os.linux.suse)
  • Re: Rexx problem? - advice sought, Please
    ... Examples (Start with Drive S: current is root): ... In REXX function Directory() gets the same result as CD. ... There have been several public betas of this application using the install script. ...
    (comp.os.os2.programmer.misc)