SSL Silent Install

I am trying to find a script to install SSL certificates silently.

i would prefer a way to do this with batch or VBS, but I am open to anything if these will not do the job!

Thanks guys!
LVL 1
geekhelp4uAsked:
Who is Participating?

[Webinar] Streamline your web hosting managementRegister Today

x
 
ParanormasticConnect With a Mentor Cryptographic EngineerCommented:
The MII... is the normal look to a certificate signing request (.csr) file or a signed cert file (.cer).  Working with your previous statement, yes this looks good.

To get the text format for the .cer you can use this command:
certutil -encode filename.cer filename.txt

Then you can open that up into notepad and copy/paste it or call it from another program.  If you're using perl or something you could grab that data submit it as part of your program that way.

The code example is using a PKCS #7 file, which is the server cert bundled with the root certificate chain in one file (.p7b).    Usually the best way to handle this is to create a p7 file for the root chain and handle the end entity's cert seperately.  You can download the p7 file from http://YourCAName/certsrv and click the last option and then get the root chain there.

Generally, either you would deploy the root chain via GPO, etc. or you could use the same sample code and put the root chain first, then follow it with a similar entry for the end entity cert (your .cer file that you encoded to get the text).
0
 
ParanormasticCryptographic EngineerCommented:
If this is pushing a common cert to all (e.g. your CA's root certificate) this can be done via GPO:
Computer Settings / Windows Settings / Security Settings / Public Key Polices / Trusted Certificate Authorities

Otherwise, I believe this might work for you:
http://www.visualbasicscript.com/m_37106/tm.htm

Common cert store names when dealing with CAPICOM are:
User / Machine - MY
Intermediate -  CA
Root - ROOT
Sometimes you may need to put the intermediate in both CA and ROOT, if you are doing that keep that in the back of your head if just one or the other doesn't work.
0
 
geekhelp4uAuthor Commented:
how would i get this to install a .cer  in IE silently?
0
[Webinar] Kill tickets & tabs using PowerShell

Are you tired of cycling through the same browser tabs everyday to close the same repetitive tickets? In this webinar JumpCloud will show how you can leverage RESTful APIs to build your own PowerShell modules to kill tickets & tabs using the PowerShell command Invoke-RestMethod.

 
ParanormasticCryptographic EngineerCommented:
Try checking the second half of this, there is a code example at the bottom that you can look at too:
http://pkidev.internet2.edu/rootcerts/
0
 
geekhelp4uAuthor Commented:
Thanks, looks promising... but the page to download and install the CREN root certificate via the CEnroll control takes me to a blank white screen?
0
 
ParanormasticCryptographic EngineerCommented:
Don't worry about downloadign their root cert, just the code sample.  Their root cert is just for authenticating their root and doens't really have anything to do with your situation.
0
 
geekhelp4uAuthor Commented:
OK.. so have you done this before? If so, please break it down more dummy proof.

I am assuming that the:

 credentials = "MIID0gYJKoZIhvcNAQcCoIIDwzCCA78CAQExADALBgkqhkiG9w0BBwGgggOnMIIDozCCAoug" & _ ...

is my .cer file.  How do I get this code from a .cer?
0
All Courses

From novice to tech pro — start learning today.