Export (0) Print
Expand All
2 out of 7 rated this helpful - Rate this topic

Deploy a Certificate by Using the Command Prompt

Updated: August 31, 2007

Applies To: Windows Server 2008

You can use this procedure to install a certificate into the certificate stores on a computer by using the CertMgr.exe command-line tool. The CertMgr command-line tool is part of the Windows Driver Kit (WDK). To access the WDK, see http://go.microsoft.com/fwlink/?LinkId=59546.

Membership in the local Administrators group, or equivalent, is the minimum required to complete this procedure.

To deploy a certificate by using CertMgr.exe at a command prompt

  1. At a command prompt, type the following, and then press ENTER:

    certmgr.exe -add MyCert.cer -s -r localMachine trustedpublisher

     

    Value Description

    -add MyCert.cer

    Specifies that the certificate found in the file MyCert.cer is to be added to a certificate store.

    -s

    Specifies that the store is the computer certificate store.

    -r localMachine

    Specifies that the computer certificate store is found under the registry location HKEY_LOCAL_MACHINE.

    trustedpublisher

    Specifies that the certificate is to be placed in the Trusted Publishers certificate store.

  2. If the certificate is self-signed, and cannot be traced back to a certificate that is in your Trusted Root Certification Authorities, then you must place a copy of your certificate in that store as well.

    certmgr.exe -add MyCert.cer -s -r localMachine root

     

    Value Description

    root

    Specifies that the certificate is to be placed in the Trusted Root Certification Authorities certificate store.

Formatting legend

 

Format Meaning

Italic

Information that the user must supply

Bold

Elements that the user must type exactly as shown

Did you find this helpful?
(1500 characters remaining)
Thank you for your feedback

Community Additions

ADD
Show:
© 2014 Microsoft. All rights reserved.