Joe:

Don't know if this will work with a PFX file, it will work witrh a CER file. I use KixTart
to distribute Security Certificates via the following KixTart snippet....

;Certificate installation counter
$rev11=1
;
if exist ("%USERPROFILE%\PMO_CERT.$rev11")=0
shell 'x:\certmgr -add -c "N:\SWPC\new_certificate.cer" -s -r localMachine root'
del "%USERPROFILE%\PMO_CERT.*"
shell '%comspec% /c ipconfig >"%USERPROFILE%\PMO_CERT.$rev11"'
endif

The above uses the CERTMGR.EXE utility from the MS Cryptogrpahic Tools.

Dave


"Joseph Savastano" <***@commcasst.net> wrote in message news:***@TK2MSFTNGP10.phx.gbl...
| Is there an automated method for distributing certificates to IE on work
| stations?
| I found the command "Rundll32.exe cryptext.dll,CryptExtAddPFX %1" in the
| registry.
| If I replace %1 with the name of the .pfx file it launches the Certificate
| Wizard. Is there a method for passing the
| remainder of the parameters needed by the Wizard so I can distribute
| certificates silently to IE accross the network?
| Is there a script either VB or WMI that can be used to accomplish this?
|
| If this question should be posted elsewhere, please let me
| know. Otherwise you help would be appreciated. I could
| not find any information in the WMI scripting or VBS
| scripting pages that dealt with distributing to IE on a
| workstation, only to IIS on a server.
|
| Thank you
| Joseph Savastano
|
|

Hi

I use the command line utility certmgr.exe for this (you can shell out from a
VBScript file to run it if you want to). If you want to use a COM interface to
do this (to avoid shelling out to external executables), CAPICOM is an option,
but a DLL needs to be installed on the computers to use it.

More here:

http://groups.google.com/groups?selm=3EFA12D7.79BB0028%40hydro.com


--
torgeir
Microsoft MVP Scripting and WMI, Porsgrunn Norway
Administration scripting examples and an ONLINE version of the 1328 page
Scripting Guide: http://www.microsoft.com/technet/scriptcenter