Adding Self Signed Certificate to trusted root certificate store using Command Line

5

Is there any way to add certificate to Local Computer's Trusted Root Certification Authority using command line? I tried using certmgr.exe, it shows success but when i check root CA, i don't see my certificate there.

I followed the guide here:

http://msdn.microsoft.com/en-us/library/ms172241.aspx

Basically trying this command:

certmgr.exe -add -c mycertificate.cer -s -r localMachine root

The command works and shows success on command line, but i can not see the certificate in actual trusted root store through mmc, Is it the procedure for self signed certificate is different? I have setup an IIS server with SSL Binding to this certificate which is originally placed in "MY" store. But im doing everything through autoamted scripts so i want to know how can i add this certificate to trusted root CA using cmd line option??

Johnydep

Posted 2012-08-18T00:21:52.957

Reputation: 815

What were the actual command line options you used with CertMgr.exe? What (user) context is are the scripts running in? How did you create the certificate? How are you checking the root CA? – Ƭᴇcʜιᴇ007 – 2012-08-18T00:56:31.930

i used only this command: certmgr.exe -add -c mycertificate.cer -s -r localMachine root – Johnydep – 2012-08-19T19:55:31.947

and off course the script is a invoked java process running under admin privileges. – Johnydep – 2012-10-06T13:26:29.760

Answers

1

Did you try it manually (by double-clicking on the CER file)? If even manually it's not working, you might be encountering a Vista bug.

Manual steps to install a Root CA certificate

  1. Double-click on the .cer file.
  2. On the Certificate dialog box, click Install Certificate to start the Certificate Import Wizard.
  3. On the Welcome page, click Next.
  4. On the Certificate Store page, select Place all certificates in the following store and click Browse.
  5. In the Select Certificate Store dialog box, select Show Physical Stores.
  6. Double-click Trusted Root Certification Authorities, select Local Computer, and then click OK.
  7. On the Certificate Store page, click Next.
  8. On the summary page, review the details and click Finish.

tricasse

Posted 2012-08-18T00:21:52.957

Reputation: 513

Thank you, actually yes the problem was with certificate itself as i tried with other certificates and it worked. – Johnydep – 2012-09-03T02:13:45.407

Asked: 2012-08-18T00:21:52.957

Viewed: 10 254 times

Active: 2013-02-21T20:39:24.380