Reference ca.crt from Windows Certificate Store

[mosesmosheh]

Hello

I have see that it is possible to use the cryptoapicert directive to replace the cert and key directives, where the thumbprint or subject of the certificate can be specified to bring in the cert. I.e.:

Code: Select all

--cryptoapicert "THUMB:f6 49 24 41 01 b4 ..." 

I wonder, is it possible to do something similar to specify the Certificate Authority crt?
E.g.

Code: Select all

--ca "THUMB:f2 44 15 62 11 c8 ..."

rather than

Code: Select all

--ca c:\path\to\ca.crt

Thanks in advance.
Moses

[TinCanTech]

is it possible to do something similar to specify the Certificate Authority crt?
E.g.

Code: Select all

--ca "THUMB:f2 44 15 62 11 c8 ..."

No.

The CA certificate is not a private key and so does not need to be protected.

[mosesmosheh]

Thanks for the reply. I see what you're saying.

What I was trying to do is push our ca.crt out to our Windows Endpoints neatly from the domain controller. I wanted to add it as a trusted CA from the DC, but I don't know how I could call it from the config file on the client machines. Any ideas?