Here's my situation:
I have two models of custom Windows CE devices -- one with a screen, and one without a screen. No solution can involve user intervention such as clicking on a certificate or installing it through Explorer, because that won't work on the screenless models. We have a custom disk image put on the devices during the manufacturing process. Ideally, I'd like this image to include the certificate pre-installed.
Is there a way to find out what registry keys are created during certificate installation so that I can just put these in my disk image and have all my devices come out with the proper certificate pre-installed My poking around has revealed stuff in HKEY_LOCAL_MACHINE\Comm\Security\SystemCertificates\Root\Certificates containing keys with unreadable names (a GUID or some other naming scheme) with a value called Blob containing a bunch of data that is presumably the thumbnail value of a certificate or something similar.
Alternatively, if one could point me to a purely command-line program that installs certificates, I can integrate that into the device initialization software. Finally, if anyone has a good code example for using the Cert* functions, I'd appreciate that, because I could integrate it directly into my software. But my preference would definitely be to somehow just add it to the disk image so that it comes preinstalled. It seems as though it would be possible, given that some root certificates already come preinstalled in Windows CE.
Thanks,
Deborah