tag:blogger.com,1999:blog-9537945.post5039668306001420553..comments2008-01-24T12:04:20.566-06:00Christopher Painterhttp://www.blogger.com/profile/12167478740431444267noreply@blogger.comBlogger3125tag:blogger.com,1999:blog-9537945.post-8557881618599757672008-01-24T12:04:00.000-06:002008-01-24T12:04:00.000-06:00I have had to deal with this in the past because of the way we handled encrypted SQL scripts.<BR/><BR/>1) Detect if it is registered on the machine, if it use, run with it<BR/>2) If not, add it to the InstallShield support files<BR/>3) Register it from the temp location, use it, and then unregister it<BR/><BR/>It sucks, but it works.Aaron Shurtshttp://www.blogger.com/profile/16538587727045104430noreply@blogger.comtag:blogger.com,1999:blog-9537945.post-9980179712415715002008-01-23T11:21:00.000-06:002008-01-23T11:21:00.000-06:00Yes, that seems to invoke a (seemingly undocumented ) API in cryptext.dll called CryptExtAddCER(). It seems to be tightly coupled to it's UI as discussed in a NSIS thread. Of course those guys didn't seem to concerned about supporting silent installs. Naturally, right?<BR/><BR/>The same DLL also seems to contain some COM interfaces but those are also undocumented and tlbimp doesn't give me much to go with.Christopher Painterhttp://www.blogger.com/profile/12167478740431444267noreply@blogger.comtag:blogger.com,1999:blog-9537945.post-5676587832594793232008-01-23T10:57:00.000-06:002008-01-23T10:57:00.000-06:00I tried right-clicking a certificate in Explorer and was hopeful when I saw an Install Certificate option. However it appears to bring up UI, so I guess that route is out...Michaelnoreply@blogger.com