For the most part, installing certificates on Windows is no easy task for an end-user. A combination of mmc and trying to put the cert in the right store is a much, much longer process than is needed. This post should show you how to export a certificate from the Trusted Root Certification Authorities store as a .reg file that you can distribute to end-users. You could also use it as part of a batch file or VBScript to silently import the certificate.
Click Start | Run and enter mmc. Press OK.
Click File | Add/Remove Snap-In and press the Add button.
Choose Certificates and press Add.
Choose Computer Account and press Next.
Leave Local Computer selected and press Finish.
Press Close and OK.
Expand the Certificates\Trusted Root Certification Authorities folder and look for the [CA Name] certificate. It may be listed twice. Double-click to open the properties.
Click the Details tab. Scroll to the bottom and examine the Thumbprint. Take note of the first few characters.
Click Start | Run and enter regedit. Press OK.
Expand HKLM\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates. Look for a key name starting with the same characters as the thumbprint. The certificate data is stored in the blob value.
Right-click the key name and choose Export.
Save the .reg file some place safe.
You can also use this method for some of the other certificate stores. The other useful store I use frequently is the Personal store. Just replace the ROOT in that registry path with MY to find the certificates there.