Re: Importing certificate in IE using VBS

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance


Thanks this will do the trick!!

Arjan


"de Graff" <rjdegraff@xxxxxxxxxxx> wrote in message
news:efbMvbIRGHA.1608@xxxxxxxxxxxxxxxxxxxxxxx
Save the code below into the file InstallCert.vbs. You'll need to modify
the three consts at the top and put a copy of
capicom.dll (download from Microsoft) into a network folder.

' '
' Name: '
' '
' InstallCert.vbs '
' '
' Description: '
' '
' This script installs one or more digital certificates into the
currently logged on '
' user's personal store. If the library that is required to do the
installation is not '
' on the user's machine, it will also be installed. '
' '
' Usage: '
' '
' InstallCert cert [cert...] '
' '
' cert Identifies the certificate to add. The name consists of the
file name of the '
' vertificate without the path or extension. For example, the
certificate for '
' the files SOSS.PFX, NSSS.PFX and GSSS.PFX would be given as
'
' '
' InstallCert soss nsss gsss '
' '
' Notes: '
' '
' This entire procedure depends on the common name (CN=) of the
certificate being the '
' same as the file name (minus the extension). This will work fine for
certificates like '
' soss, gsss, etc but will probably die for others. '
' '
' All of the certificates to be installed must be located in the folder
defined by '
' CERTSRCE. This folder must also contain the CAPICOM.DLL file (the
object that is used '
' to manipulate the certificate store). '
' '
' Audit: '
' '
' 2005-09-23 jdeg change NLF references to DFS references '
' 2003-07-14 jdeg added on error resume next '
' 2003-01-23 jdeg original code '
' '

'define the location of the certificates and the library (dll) file

Const CERTSRCE = "\\dover\rep\install\digital certificates\"
Const DLLFILE = "capicom.dll"
Const PASSWORD = "mypassword"

'explain how to use if no certificates were specified

if wscript.Arguments.Count = 0 then
wscript.echo ""
wscript.echo "InstallCert cert [cert...]"
wscript.Quit
end if

'create shell and filesystem objects

set wso = CreateObject("Wscript.Shell")
set fso = CreateObject("Scripting.FileSystemObject")

'set source and destination names for the library file

dllsrce = CERTSRCE & DLLFILE
dlldest = wso.ExpandEnvironmentStrings("%windir%") & "\System32\" &
DLLFILE

'if the library file is not there, copy and register it

if not fso.FileExists(dlldest) then
wscript.echo vbcrlf & DLLFILE,"not found. Adding..."
fso.CopyFile dllsrce,dlldest,true
wso.Run "regsvr32 " & dlldest & " /s /i",1,true
end if

'add the certificates to the personal store

wscript.echo vbcrlf & "Adding certificate(s)..."

set store = CreateObject("Capicom.Store")
store.Open 2,"MY",130

on error resume next

for each certname in wscript.Arguments

'delete the certificate if it exists (in case a new certificate was
issued)

for each certificate in store.Certificates

subj = certificate.SubjectName
comm = ucase(split(subj,",")(0))

if comm = "CN=" & ucase(certname) then
wscript.echo "...deleting",certname
if certificate.HasPrivateKey then
wscript.echo "......private key removed"
certificate.PrivateKey.Delete
end if
store.Remove certificate
wscript.echo "......certificate removed"
end if

next

'add the new certificate

certfile = CERTSRCE & certname & ".pfx"

if fso.FileExists(certfile) then
wscript.echo "...Adding",certfile
store.Load certfile,PASSWORD
else
wscript.echo "ERROR - CERTIFICATE FILE",certfile,"WAS NOT FOUND"
end if

next

'list the certificates that are in the local store

wscript.echo vbcrlf & "List of all certificates in the personal store" &
vbcrlf

for each certificate in store.Certificates
subj = certificate.SubjectName
wscript.echo subj
next

'clean up

set store = Nothing

set fso = Nothing
set wso = Nothing
G:\Common>



.

Relevant Pages

  • example for using IcertView API , show Certificates list and data on a Visual Basic (Client)
    ... This parameter, along with the SeekOperator parameter, determines which data is returned to the Certificate Services view. ... Before the SetRestriction method is called, it is necessary to establish a connection with the Certificate Service server by calling the ICertView::OpenConnection method. ... ' Const values recognized by CertView ... Dim nIndex As Long ...
    (microsoft.public.windows.server.security)
  • Capicom: sign error
    ... I'm using CAPICOM 2.0.0.3 for signing in a web app. ... Const TITULO_ERROR = "Firma de Texto..." ... Dim Signer, SignedData, Certificate, Message, oConvert ... Set oCertificates = oStore.Certificates ...
    (microsoft.public.platformsdk.security)
  • Capicom: sign error
    ... I'm using CAPICOM 2.0.0.3 for signing in a web app. ... Const TITULO_ERROR = "Firma de Texto..." ... Dim Signer, SignedData, Certificate, Message, oConvert ... Set oCertificates = oStore.Certificates ...
    (microsoft.public.security)
  • Re: How to describe a certificate ?
    ... Mitch Gallant ... ' and optionally allows user to add/change the selected certificate "Friendly Name". ... Dim storename, Message, Title, infotxt, friendlynamein ... Const friends = "AddressBook" ...
    (microsoft.public.platformsdk.security)
  • Re: Importing certificate in IE using VBS
    ... ' This script installs one or more digital certificates into the ... ' cert Identifies the certificate to add. ... ' to manipulate the certificate store). ... Const DLLFILE = "capicom.dll" ...
    (microsoft.public.scripting.vbscript)