Deploy root/trusted publisher certificate file to windows machines

windows certificate sccm

Solution 1:

As you have that many machines it seems reasonable to assume you're use an AD domain, in which case you can push the certs out using Group Policy Objects. There are numerous articles describing the steps, such as this one from Technet.

Solution 2:

Following clues from this prior question import certificate using command line in Win XP Home, and a fair bit of playing around, now have this consistently deploying across OS's.

Have extracted the following files from the 32-bit Win Server 2003 SP2 Admin Pack (KB340178) and saved together with the certificate in a folder on the packages source in SCCM:

certadm.dll
certcli.dll
certreq.exe
certutil.exe
cert.cer

Now ditching the batch file and creating two separate programs in SCCM with the following two command lines (both chained together into the one advert) it all seems to be working as an automated rollout across the OS's.

certutil.exe -addstore TrustedPublisher cert.cer

certutil.exe -addstore root cert.cer

Related

How to fix Apache Content-Type for PHP-parsed CSS?
PHP-FPM - Error 503 - Attempt to connect to Unix domain socket failed
How to access the environment name in Puppetfile
Who is using the swap memory and why?
Internal and External DNS from Different Servers, Same Zone
Cloning a VPS into a local VM?
Conflicts between ACLs and umask
Apache not Forwarding Client x509 Certificate to Tomcat via mod_proxy
Transition domain to new web host without waiting for DNS propagation
Which storage protocol to use for ESX storage?
SVN Authentication with LDAP and Active Directory
Updating Dell PowerEdge firmware on Ubuntu?