#define WIN32_LEAN_AND_MEAN#include <Windows.h>#include <wincrypt.h>#i

1. #define WIN32_LEAN_AND_MEAN
2.  
3. #include <Windows.h>
4. #include <wincrypt.h>
5.  
6. #include <iostream>
7. #include <fstream>
8. #include <string>
9. #include <vector>
10.  
11. #pragma comment (lib, "Crypt32.lib")
12.  
13. extern "C" HRESULT CertInstallSingleCertificate(
14.     __in HCERTSTORE hStore,
15.     __in PCCERT_CONTEXT pCertContext,
16.     __in LPCWSTR wzName
17. )
18. {
19.     CERT_BLOB blob = { };
20.     blob.pbData = (BYTE*)wzName;
21.     blob.cbData = (lstrlenW(wzName) + 1) * sizeof(WCHAR); // including terminating null
22.  
23.     if (!::CertSetCertificateContextProperty(pCertContext, CERT_FRIENDLY_NAME_PROP_ID, 0, &blob))
24.     {
25.         std::cout << "Failed to set the friendly name of the certificate\n";
26.         return STATUS_FATAL_APP_EXIT;
27.     }
28.  
29.     /*
30.     CERT_STORE_ADD_REPLACE_EXISTING will not work if the certificate exists
31.     in the Group Policy or Enterprise certificate stores.
32.  
33.     CERT_STORE_ADD_USE_EXISTING is what mmc.exe + certificate snapin uses.
34.     This works fine (because it never actually needs to add)
35.     */
36.     if (!::CertAddCertificateContextToStore(hStore, pCertContext, CERT_STORE_ADD_REPLACE_EXISTING, NULL))
37.     {
38.         std::cout << "Failed to add certificate to the store.\n";
39.     }
40.     else
41.     {
42.         std::cout << "Certificate added to certificate store. \n";
43.     }
44. }
45.  
46. static void InstallCertificatePackage(
47.     __in HCERTSTORE hStore,
48.     __in LPCWSTR wzName,
49.     __in_opt BYTE* rgbData,
50.     __in DWORD cbData
51. )
52. {
53.     CERT_BLOB blob = { 0 };
54.     blob.pbData = rgbData;
55.     blob.cbData = cbData;
56.  
57.     PCCERT_CONTEXT pCertContext = NULL;
58.     DWORD dwEncodingType = 0;
59.     DWORD dwContentType = 0;
60.     DWORD dwFormatType = 0;
61.     if (!::CryptQueryObject(CERT_QUERY_OBJECT_BLOB, &blob, CERT_QUERY_CONTENT_FLAG_ALL, CERT_QUERY_FORMAT_FLAG_ALL, 0, &dwEncodingType, &dwContentType, &dwFormatType, NULL, NULL, (LPCVOID*)&pCertContext))
62.     {
63.         std::cout << "Failed to parse the certificate blob\n";
64.         return;
65.     }
66.  
67.     int iUniqueId = 0;
68.     std::wstring uniqueName = std::wstring(wzName) + L"_wixCert_" + std::to_wstring(++iUniqueId);
69.     CertInstallSingleCertificate(hStore, pCertContext, uniqueName.c_str());
70.  
71.     ::CertFreeCertificateContext(pCertContext);
72. }
73.  
74. int main()
75. {
76.     std::ifstream file("C:\\Users\\jst\\Desktop\\<YOUR_CA_CERT>", std::ios::binary | std::ios::ate);
77.     std::streamsize size = file.tellg();
78.  
79.     if (size != -1)
80.     {
81.         file.seekg(0, std::ios::beg);
82.  
83.         std::vector<char> buffer(size);
84.         file.read(buffer.data(), size);
85.        
86.         std::wstring storeName = L"root";
87.         auto hCertStore = ::CertOpenStore(CERT_STORE_PROV_SYSTEM, 0, NULL, CERT_SYSTEM_STORE_LOCAL_MACHINE, storeName.c_str());
88.         if (hCertStore)
89.         {
90.             InstallCertificatePackage(hCertStore, L"My Root CA", (BYTE*)buffer.data(), size);
91.             CertCloseStore(hCertStore, 0);
92.         }
93.         else
94.         {
95.             std::cout << "Unable to open certificate  store\n";
96.         }
97.     }
98.     else
99.     {
100.         std::cout << "Unable to read file\n";
101.     }
102. }