locked
How to Import/Install .pfx(certificate) on a Windows XP SP3 machine Automatically. RRS feed

  • Question

  • Scenario:

    -Hoping to achieve below via a batch file :)

    Pre-requisite

    • Windows XP SP3, NO ACTIVE DIRECTORY (i.e. Group Policy Out of Question). Its a Novell Netware 6 environment. Certificate used for Wireless Authentication. Windows Zero Configuration Service is ON on some laptops and OFF on some (not consistent). Must user Windows native wireless utility.
    • .PFX files manually created and stored on a server.
    • PFX filenames are actual computer names in the environment. (i.e. If my computer name is machine1, I will have a machine1.pfx on the server ready to import)
    • I want to import machine1.pfx on the machine, store it under current user, private/certificate password must NON-Exportable.
    • Note: I think I have Windows Zero Wireless Service worked out and I am mainly struggling to import the certificate/.pfx file.

    So, solution would look something like this,

    In Novell user presented with Application Object to run, when that runs, it will,

    Below is to make turn on Window Wireless Zero Configuration Service and make Window Wireless Utility to be used to connect to wireless networks:

    • Stop Wireless Zero Configuration Service
    • Modify Registry at HKLM\Software\Microsoft\WZCSVC\Parameters\Interfaces\<GUID>\(Change DWROD Value)
    • Start Wireless Zero Configuration Service.

    Plus,

    • Check users computer name (e.g. machine1).
    • Go to the server. Match computer name (machine1) acquired in previous step and grab certificate called machine.pfx from the server.
    • Import certificate (with password) on the machine as that user (under Certificates - Current User\Personal store - I think), password (private key) must not be exportable.

     

    What have I dont so far:

    • I have got services start and stop taken care by 
      net start "Wireless Zero Configuration"
      and 
      net stop "Wireless Zero Configuration"
      commands.
    • What I am struggling with is 'modifying registry' and 'importing pfx file'. I tried using couple of combination of CertUtil.exe -f -user importpfx "C:\PFXFilename.pfx" -p "Password" but no success. Also tried using WinHttpCertCfg.exe from http://msdn.microsoft.com/en-us/library/windows/desktop/aa384088(v=vs.85).aspx but still no luck.

    Apologies if I have given too much information, infact, i am trying to make as much info available as possible for easier understanding :D.

     

    I appreciate your help and thank you in advance.

    A

     

    .

     


    • Edited by Amit Thaker Friday, January 20, 2012 8:15 AM
    Friday, January 20, 2012 8:06 AM

All replies