Deploy a Certificate by Using the Command Prompt
Applies To: Windows Server 2008
You can use this procedure to install a certificate into the certificate stores on a computer by using the CertMgr.exe command-line tool. The CertMgr command-line tool is part of the Windows Driver Kit (WDK). To access the WDK, see https://go.microsoft.com/fwlink/?LinkId=59546.
Membership in the local Administrators group, or equivalent, is the minimum required to complete this procedure.
To deploy a certificate by using CertMgr.exe at a command prompt
At a command prompt, type the following, and then press ENTER:
certmgr.exe -add MyCert.cer -s -r localMachine trustedpublisher
Value Description -add MyCert.cer
Specifies that the certificate found in the file MyCert.cer is to be added to a certificate store.
-s
Specifies that the store is the computer certificate store.
-r localMachine
Specifies that the computer certificate store is found under the registry location HKEY_LOCAL_MACHINE.
trustedpublisher
Specifies that the certificate is to be placed in the Trusted Publishers certificate store.
If the certificate is self-signed, and cannot be traced back to a certificate that is in your Trusted Root Certification Authorities, then you must place a copy of your certificate in that store as well.
certmgr.exe -add MyCert.cer -s -r localMachine root
Value Description root
Specifies that the certificate is to be placed in the Trusted Root Certification Authorities certificate store.
Formatting legend
| Format | Meaning |
|---|---|
Italic |
Information that the user must supply |
Bold |
Elements that the user must type exactly as shown |
Additional references
- For complete command line syntax information about CertMgr, see "Certificate Manager Tool (Certmgr.exe)" at https://go.microsoft.com/fwlink/?LinkId=82266.