If you are in an Active Directory domain you can use Group Policy/user
configuration/Windows settings/security settings/public key policies to add
certificates that the user will trust. --- Steve



"GoldenEyes" <GoldenEyes@discussions.microsoft.com> wrote in message
news:F1183B7E-4263-4D58-B90C-EFF3132FE399@microsoft.com...
> Hi all,
>
> I need to move a copy of a CA Root certificate from the Local Machine
> Store
> to the Current User store during user logon (at least the first time the
> user
> logs on). I have written a VBScript using CAPICOM to do this, it seems to
> work, but the user is given a "Security Warning" because the root CA
> cannot
> be verified (I created a self-signed root certificate and an operational
> CA
> certificate using MS Certification Authority).
>
> This warning is somewhat annoying, and since it gives the user the choice
> not to Import the Certificates, it can be quite dangerous (if the user
> chooses not to import, then the whole VPN config will fail).
>
> Is there a way to avoid getting this message, either forcing the import of
> the CA certificates or doing away compeltely with the "Security Warning"
> messages during logon?
>
> Thanks,
> RB