Monday, May 18, 2009

[THIN] Re: how to prepopulate IE with site certs?

They publish an install executable (both in EXE and MSI format) called "InstallRoot". It installs all of the DoD and ECA vendor trusted roots. You should just be able to distribute this as you do any other install. Additionally, it does not require admin rights (i'm pretty sure) so you could potentially check for it and install if the user doesn't have the certs installed. And last, the file is updated fairly regularly as new CA's are stood up, so you'll need to take that into account as well.

Kevin Stewart


On Mon, May 18, 2009 at 3:50 PM, Steve Snyder <kwajalein@gmail.com> wrote:
The Dod, God bless them, isn't a trusted certificate authority according to IE. Yes the user can accept the cert against IE's recommendation, but I'd rather just pre-install the certs as trusted for the user. Any clues how I do this?



--
Kevin G. Stewart

No comments: