Question : Install a CA on Windows Server 2008 R2 Server Core

So I am working with the new Windows Server 2008 R2 Server Core installation options to reduce the overhead of the software. The problem that I am running into is I am trying to establish a root Certification Authority on the server, and I cannot find any resources that might give me a hint as to how to configure the CA through the command line (since its server core and I need to use that). If anyone has any information as to where I could go to get this information at the least (I have already tried Microsoft TechNet, so unless I am completely missing it, I dont need to know about tech net) that would be completely wonderful. Thank you.

Answer : Install a CA on Windows Server 2008 R2 Server Core

just got this from Microsoft product support, script is attached:


The setupca.vbs script takes care of installing all the needed packages and files using OCSetup, since servermanagercmd is not available on the core builds.
 
Automated CA installs using VB script on Windows Server 2008 and 2008R2
Starting with Windows Server 2008 the CA product team introduced a set of COM objects that can be used to control the installation of CAs. Using VBScript you can quickly automate the setup and installation of a CA.Below is a script that is being used by the product team in our testing of Certificate Services. SetupCA.vbs was designed to have all the functionality present in the setup UI but in an easy command line that can be used in automation. Most of the functionality of the script is fairly straight forward in just setting properties on the setup objects. A couple of features, like the key/cert re-use, take a bit of code to get the setting right.
Some example usages of the script:
Install Enterprise Root CA
Cscript setupca.vbs /ie /sn MyRootCA /sk 4096 /sp RSA#Microsoft Software Key Storage Provider /sa SHA256
Install Standalone Sub CA
Cscript setupca.vbs /it /sn MySubCA /sr MyParentCAMachine\MyRootCA /sk 384 /sp ECDSA_P384#Microsoft Software Key Storage Provider /sa SHA1
Uninstall CA:
Cscript setupca.vbs /uc
Install Web Pages:
Cscript setupca.vbs /iw /sr MyParentCAMachine\MyRootCA
There is also a usage that lists all the parameters if you run the script without any arguments.
1:
2:
3:
4:
5:
6:
7:
8:
9:
10:
11:
12:
13:
14:
15:
16:
17:
18:
19:
20:
21:
22:
23:
24:
25:
26:
27:
28:
29:
30:
31:
32:
33:
34:
35:
36:
37:
38:
39:
40:
41:
42:
43:
44:
45:
46:
47:
48:
49:
50:
51:
52:
53:
54:
55:
56:
57:
58:
59:
60:
61:
62:
63:
64:
65:
66:
67:
68:
69:
70:
71:
72:
73:
74:
75:
76:
77:
78:
79:
80:
81:
82:
83:
84:
85:
86:
87:
88:
89:
90:
91:
92:
93:
94:
95:
96:
97:
98:
99:
100:
101:
102:
103:
104:
105:
106:
107:
108:
109:
110:
111:
112:
113:
114:
115:
116:
117:
118:
119:
120:
121:
122:
123:
124:
125:
126:
127:
128:
129:
130:
131:
132:
133:
134:
135:
136:
137:
138:
139:
140:
141:
142:
143:
144:
145:
146:
147:
148:
149:
150:
151:
152:
153:
154:
155:
156:
157:
158:
159:
160:
161:
162:
163:
164:
165:
166:
167:
168:
169:
170:
171:
172:
173:
174:
175:
176:
177:
178:
179:
180:
181:
182:
183:
184:
185:
186:
187:
188:
189:
190:
191:
192:
193:
194:
195:
196:
197:
198:
199:
200:
201:
202:
203:
204:
205:
206:
207:
208:
209:
210:
211:
212:
213:
214:
215:
216:
217:
218:
219:
220:
221:
222:
223:
224:
225:
226:
227:
228:
229:
230:
231:
232:
233:
234:
235:
236:
237:
238:
239:
240:
241:
242:
243:
244:
245:
246:
247:
248:
249:
250:
251:
252:
253:
254:
255:
256:
257:
258:
259:
260:
261:
262:
263:
264:
265:
266:
267:
268:
269:
270:
271:
272:
273:
274:
275:
276:
277:
278:
279:
280:
281:
282:
283:
284:
285:
286:
287:
288:
289:
290:
291:
292:
293:
294:
295:
296:
297:
298:
299:
300:
301:
302:
303:
304:
305:
306:
307:
308:
309:
310:
311:
312:
313:
314:
315:
316:
317:
318:
319:
320:
321:
322:
323:
324:
325:
326:
327:
328:
329:
330:
331:
332:
333:
334:
335:
336:
337:
338:
339:
340:
341:
342:
343:
344:
345:
346:
347:
348:
349:
350:
351:
352:
353:
354:
355:
356:
357:
358:
359:
360:
361:
362:
363:
364:
365:
366:
367:
368:
369:
370:
371:
372:
373:
374:
375:
376:
377:
378:
379:
380:
381:
382:
383:
384:
385:
386:
387:
388:
389:
390:
391:
392:
393:
394:
395:
396:
397:
398:
399:
400:
401:
402:
403:
404:
405:
406:
407:
408:
409:
410:
411:
412:
413:
414:
415:
416:
417:
418:
419:
420:
421:
422:
423:
424:
425:
426:
427:
428:
429:
430:
431:
432:
433:
434:
435:
436:
437:
438:
439:
440:
441:
442:
443:
444:
445:
446:
447:
448:
449:
450:
451:
452:
453:
454:
455:
456:
457:
458:
459:
460:
461:
462:
463:
464:
465:
466:
467:
468:
469:
470:
471:
472:
473:
474:
475:
476:
477:
478:
479:
480:
481:
482:
483:
484:
485:
486:
487:
488:
489:
490:
491:
492:
493:
494:
495:
496:
497:
498:
499:
500:
501:
502:
503:
504:
505:
506:
507:
508:
509:
510:
511:
512:
513:
514:
515:
516:
517:
518:
519:
520:
521:
522:
523:
524:
525:
526:
527:
528:
529:
530:
531:
532:
533:
534:
535:
536:
537:
538:
539:
540:
541:
542:
543:
544:
545:
546:
547:
548:
549:
550:
551:
552:
553:
554:
555:
556:
557:
558:
559:
560:
561:
562:
563:
564:
565:
566:
567:
568:
569:
570:
571:
572:
573:
574:
575:
576:
577:
578:
579:
580:
581:
582:
583:
584:
585:
586:
587:
588:
589:
590:
591:
592:
593:
594:
595:
596:
597:
598:
599:
600:
601:
602:
603:
604:
605:
606:
607:
608:
609:
610:
611:
612:
613:
614:
615:
616:
617:
618:
619:
620:
621:
622:
623:
624:
625:
626:
627:
628:
629:
630:
631:
632:
633:
634:
635:
636:
637:
638:
639:
640:
641:
642:
643:
644:
645:
646:
647:
648:
649:
650:
651:
652:
653:
654:
655:
656:
657:
658:
659:
660:
661:
662:
663:
664:
665:
666:
667:
668:
669:
670:
671:
672:
673:
674:
675:
676:
677:
678:
679:
680:
681:
682:
683:
684:
685:
686:
687:
688:
689:
690:
691:
692:
693:
694:
695:
696:
697:
698:
699:
700:
701:
702:
703:
704:
705:
706:
707:
708:
709:
710:
711:
712:
713:
714:
715:
716:
717:
718:
719:
720:
721:
722:
723:
724:
725:
726:
727:
728:
729:
730:
731:
732:
733:
734:
735:
736:
737:
738:
739:
740:
741:
742:
743:
744:
745:
746:
747:
748:
749:
750:
751:
752:
753:
754:
755:
756:
757:
758:
759:
760:
761:
762:
763:
764:
765:
766:
767:
768:
769:
770:
771:
772:
773:
774:
775:
776:
777:
778:
779:
780:
781:
782:
783:
784:
785:
786:
787:
788:
789:
790:
791:
792:
793:
794:
795:
796:
797:
798:
799:
800:
801:
802:
803:
804:
805:
806:
807:
808:
809:
810:
811:
812:
813:
814:
815:
816:
817:
818:
819:
820:
821:
822:
823:
824:
825:
826:
827:
828:
829:
830:
831:
832:
833:
834:
835:
836:
837:
838:
839:
840:
841:
842:
843:
844:
845:
846:
847:
848:
849:
850:
851:
852:
853:
854:
855:
856:
857:
858:
859:
860:
861:
862:
863:
864:
865:
866:
867:
868:
869:
870:
871:
872:
873:
874:
875:
876:
877:
878:
879:
880:
881:
882:
883:
884:
885:
886:
887:
888:
889:
890:
891:
892:
893:
894:
895:
896:
897:
898:
899:
900:
901:
902:
903:
904:
905:
906:
907:
908:
909:
910:
911:
912:
913:
914:
915:
916:
917:
918:
919:
920:
921:
922:
923:
924:
925:
926:
927:
928:
929:
930:
931:
932:
933:
934:
935:
936:
937:
938:
939:
940:
941:
942:
943:
944:
945:
946:
947:
948:
949:
950:
951:
952:
953:
954:
955:
956:
957:
958:
959:
960:
961:
962:
963:
964:
965:
'SetupCA.VBS 
'Copyright (c) Microsoft Corporation.  All rights reserved. 
Option Explicit 
'*****************************************************************
'Displays script-understood command line params
'
Sub Usage()
    Call OutputLine(ECHOMINIMAL, "SetupCA.vbs - Certificate Services Setup Automation for Microsoft Windows Server 2008/2008 R2")
    Call OutputLine(ECHOMINIMAL, "")
    Call OutputLine(ECHOMINIMAL, "Parameters:")
    Call OutputLine(ECHOMINIMAL, "/SP    - Specify Provider")
    Call OutputLine(ECHOMINIMAL, "/SK     - Specify Key length")
    Call OutputLine(ECHOMINIMAL, "/SA     - Specify Hash algorithm")
    Call OutputLine(ECHOMINIMAL, "/SN    - Specify CA Name")
    Call OutputLine(ECHOMINIMAL, "/DN    - Specify DN Suffix for CA cert subject")
    Call OutputLine(ECHOMINIMAL, "/SR      - Specify Root CA (Required for subordinate CA" & Chr(39) & "s and Web service)")
    Call OutputLine(ECHOMINIMAL, "")
    Call OutputLine(ECHOMINIMAL, "/RK    - Reuse Key")
    Call OutputLine(ECHOMINIMAL, "/RC    - Reuse Cert and Key")
    Call OutputLine(ECHOMINIMAL, "")
    Call OutputLine(ECHOMINIMAL, "/interactive - Specifiy whether CA will be set to interact with desktop")
    Call OutputLine(ECHOMINIMAL, "")
    Call OutputLine(ECHOMINIMAL, "/IE          - Install Enterprise Root CA Service")
    Call OutputLine(ECHOMINIMAL, "/IS          - Install Standalone Root CA Service")
    Call OutputLine(ECHOMINIMAL, "/IF          - Install Enterprise Subordinate CA Service")
    Call OutputLine(ECHOMINIMAL, "/IT          - Install Standalone Subordinate CA Service")
    Call OutputLine(ECHOMINIMAL, "/IW          - Install web CA Service - works with any of the above or by itself")
    Call OutputLine(ECHOMINIMAL, "               This option is not relevant for server core machines")
    Call OutputLine(ECHOMINIMAL, "")
    Call OutputLine(ECHOMINIMAL, "/UC          - Uninstall CA Service")
    Call OutputLine(ECHOMINIMAL, "")
    Call OutputLine(ECHOMINIMAL, "/?           - Display this usage")
    Call OutputLine(ECHOMINIMAL, "")
End Sub ' Usage 
'*****************************************************************
'Define external constant values
'
' CA Role
Const ENTERPRISE_ROOTCA = 0
Const ENTERPRISE_SUBCA = 1
Const STANDALONE_ROOTCA = 3
Const STANDALONE_SUBCA = 4
Const NO_INSTALL_CA =  - 1
Const UNINSTALL_CA = 8 
'FileSystemObject defines
Const FILE_FLAG_READ = 1
Const FILE_FLAG_WRITE = 2
Const FILE_FLAG_APPEND = 8 
'Logging level
Const ECHOMINIMAL = 1 
'Error codes to handle:
Const RPC_UNAVAILABLE =  - 2147023174 '0x800706BA
Const DOMAIN_UNAVAILABLE =  - 2147023541 '0x8007054B
Const REG_VALUE_NOT_FOUND =  - 2147024894 '0x80070002
Const IMAGE_TAMPERED =  - 2147024319 '0x80070241
Const VALUE_OUT_OF_RANGE =  - 2147016574 '0x80072082
Const ROOT_CA_NOT_FOUND = 462 
'Properties that can be set:
Const SETUPPROP_INVALID =  - 1
Const SETUPPROP_CATYPE = 0
Const SETUPPROP_CAKEYINFORMATION = 1
Const SETUPPROP_INTERACTIVE = 2
Const SETUPPROP_CANAME = 3
Const SETUPPROP_CADSSUFFIX = 4
Const SETUPPROP_VALIDITYPERIOD = 5
Const SETUPPROP_VALIDITYPERIODUNIT = 6
Const SETUPPROP_EXPIRATIONDATE = 7
Const SETUPPROP_PRESERVEDATABASE = 8
Const SETUPPROP_DATABASEDIRECTORY = 9
Const SETUPPROP_LOGDIRECTORY = 10
Const SETUPPROP_SHAREDFOLDER = 11
Const SETUPPROP_PARENTCAMACHINE = 12
Const SETUPPROP_PARENTCANAME = 13
Const SETUPPROP_REQUESTFILE = 14
Const SETUPPROP_WEBCAMACHINE = 15
Const SETUPPROP_WEBCANAME = 16 
'*****************************************************************
'Define constants and defaults
'
Const CONST_ERROR = 0
Const CONST_WSCRIPT = 1
Const CONST_CSCRIPT = 2
Const CONST_SHOW_USAGE = 3
Const CONST_PROCEED = 4 
Const DEFCANAME = ""
Const DEFDNSUFFIX = ""
Const DEFROOTCANAME = ""
Const DEF_SEL_KEY_SIZE = "2048"
Const DEF_SEL_HASH_ALG = "SHA1"
Const DEF_INSTALL_WEB_OPTION = False
Const DEF_INSTALL_SVC_OPTION = True
Const DEF_LOG_FILENAME = "_SetupCA.log"
Const DEF_INTERACTIVE = False 
'example Capi1 Provider:   "Microsoft Strong Cryptographic Provider"
'example RSA CNG provider: "RSA#MicrosoftKSP"
'example ECC 256 provider: "ECDSA_P256#Microsoft Software Key Storage Provider"
'example ECC 384 provider: "ECDSA_P384#Microsoft Software Key Storage Provider"
'example ECC 521 provider: "ECDSA_P521#Microsoft Software Key Storage Provider"
Const DEF_SEL_PROVIDER = "RSA#Microsoft Software Key Storage Provider" 
'Cert Server Role
Dim eCARole
eCARole = NO_INSTALL_CA 
'Root CA's name (if this is a subordinate)
Dim strRootCAName
strRootCAName = DEFROOTCANAME 
'This CA's name
Dim strCAName
Dim strDNSuffix
strCAName = DEFCANAME
strDNSuffix = DEFDNSUFFIX 
'Crypto provider to be used to sign certs this CA Issues
Dim strSelectedCSP
strSelectedCSP = "" ' DEF_SEL_PROVIDER 
'Hash algorithm to be used to sign certs this CA Issues
Dim strSelectedHashAlg
strSelectedHashAlg = "" ' DEF_SEL_HASH_ALG 
'Signing key length
Dim iSelectedKeySize
iSelectedKeySize = "" ' DEF_SEL_KEY_SIZE 
'Key/Cert Re-use flags
Dim bReuseKey
Dim bReuseCert
Dim bReuseDB
bReuseKey  = False
bReuseCert = False
bReuseDB   = False 
'Interactive Flag
Dim bInteractive
bInteractive = DEF_INTERACTIVE 
'Default to install or uninstall
Dim bInstall
bInstall = True 
'Install the Web interface
Dim bWebPages
bWebPages = DEF_INSTALL_WEB_OPTION 
' Install the Cert Server service. 
Dim bInstallService
bInstallService = DEF_INSTALL_SVC_OPTION 
'Log file 
Dim OutputFile
Dim OutputFile2 
'Needs to differentiate which package needs to be installed
Dim PKGCA
Dim PKGIIS
Dim PKGWEB
PKGCA  = True
PKGIIS = True
PKGWEB = True 
'Set if installing on core build
Dim bIsCore
bIsCore = False 
'For the 'retry once' implementation
Dim bRecursed
bRecursed = False 
'Begin script logic 
'Ensure the output won't become hundreds of popup windows
Call VerifyStandardStreams() 
'Set up Local logging
Set OutputFile = CreateLogFile(DEF_LOG_FILENAME) 
Dim g_oCASetup 
'Start the script
Call Main() 
'********************************************************************
'*
'* Sub InstallPackages()
'*
'* Purpose: Install all required packagemanager packages
'*
'********************************************************************' 
Sub InstallPackages(Install) 
    'Get shell object to determine system drive value
    Dim WshShell
    Set WshShell = WScript.CreateObject("WScript.Shell") 
    If (Install = True) Then 
        If (PKGCA = True) Then
            Call OutputLine(ECHOMINIMAL, "Installing CA Packages, this will take several minutes...")
            Call WshShell.Run ("cmd /c servermanagercmd -install ADCS-Cert-Authority -resultPath installResult.xml", 0 , True)
        End If 
        If (PKGWEB = True) Then
            Call OutputLine(ECHOMINIMAL, "Installing Web Page Packages, this will take several minutes...")
            Call WshShell.Run ("cmd /c servermanagercmd -install ADCS-Web-Enrollment -resultPath installResult.xml", 0 , True)
        End If 
    Else 
        If (PKGWEB = True) Then
            Call OutputLine(ECHOMINIMAL, "Removing Web Page Packages, this will take several minutes...")
            Call WshShell.Run ("cmd /c servermanagercmd -remove ADCS-Web-Enrollment -resultPath installResult.xml", 0 , True)
        End If 
        If (PKGCA = True) Then
            Call OutputLine(ECHOMINIMAL, "Removing CA Packages, this will take several minutes...")
            Call WshShell.Run ("cmd /c servermanagercmd -remove ADCS-Cert-Authority -resultPath installResult.xml", 0 , True)
        End If 
    End If 
    Call OutputLine(ECHOMINIMAL, "Installing Packages, this will take several minutes...") 
    Set WShShell = Nothing
End Sub 'InstallPackage 
'********************************************************************
'*
'* Sub Main()
'*
'* Purpose: Executes the main script logic
'* Input:   
'*
'* Output:  
'*
'********************************************************************
Sub Main ()
    Dim intOpMode 
    'Parse the command line
    intOpMode = intParseCmdLine() 
    Select Case intOpMode 
        Case CONST_SHOW_USAGE
            Call Usage()
            Exit Sub 
        Case CONST_PROCEED
            'Do Nothing 
        Case CONST_ERROR
            Call OutputLine(ECHOMINIMAL,"Error occurred in passing parameters.")
            Exit Sub 
        Case Else                    'Default -- should never happen
            Call OutputLine(ECHOMINIMAL,"Error occurred in passing parameters.")
            Exit Sub 
    End Select 
    'Check if certocm.dll is present, if not we are most likely running on core and need
    'to use ocsetup to install CA package to get certocm.dll
    Dim FSO
    Set FSO = CreateObject("Scripting.FileSystemObject") 
    Dim WshShell
    Dim envVars
    Dim strWinDir
    Set WshShell = WScript.CreateObject("WScript.Shell")
    Set envVars  = WshShell.Environment("process") 
    strWinDir    = envVars("windir") 
    wscript.echo "Checking if certocm.dll is present..." 
    If Not FSO.FileExists(strWinDir + "\system32\certocm.dll") Then
        bisCore = True
        wscript.echo "Certocm.dll is not present installing CA package..."
        Call WshShell.Run ("cmd /c start /w ocsetup CertificateServices /norestart /quiet", 0 , True)
        wscript.echo "CA package installed..."
    Else
        wscript.echo "Certocm.dll is present not installing CA package"
    End If 
    Set WshShell = Nothing
    Set envVars  = Nothing 
    Set g_oCASetup = CreateObject("certocm.CertSrvSetup")
    'Install Packages
    Call OutputLine(ECHOMINIMAL,"Proceeding to update packages ...")
    Call InstallPackages(bInstall) 
    If (eCARole <> NO_INSTALL_CA) And (eCARole <> UNINSTALL_CA) Then
        Call OutputLine(ECHOMINIMAL, "Main: Info collection complete. Starting install phase..." )
        ' got the info we needed, now install..
        Call OutputFile.WriteLine("Main: Installing...") 
        If (True = InstallAndVerifyCA(eCARole, bInstallService, bWebPages)) Then
            Call OutputFile.WriteLine("Main: Install complete! Passed")
        Else
            Call OutputFile.WriteLine("Main: Install complete! Failed")
            Call WScript.Quit (1)
        End If 'Installed without errors 
    Else 
        If (eCARole = UNINSTALL_CA) Then 
            If (bWebPages = False) And (bInstallService = True) Then
                Call OutputLine(ECHOMINIMAL, "Main: Uninstalling Web pages only...")
                'Uninstall web pages only
                Call UninstallCA(True)
                Call OutputLine(ECHOMINIMAL, "Main: web pages Uninstalled!")
            Else
                Call OutputLine(ECHOMINIMAL, "Main: Uninstalling CA...")
                'Uninstall web pages only
                Call UninstallCA(False)
                Call OutputLine(ECHOMINIMAL, "Main: Uninstalled!")
            End If 
        End If 
    End If 
    ' Clean Up
    Call OutputFile.Close() 
End Sub 'Main 
'********************************************************************
'*
'* Sub VerifyStandardStreams()
'*
'* Purpose: verify CScript.exe was used to launch this script.
'* 
'********************************************************************
Sub VerifyStandardStreams()
    On Error Resume Next 
    'Attempt to write to the error stream
    Call WScript.StdOut.WriteLine() 
    'If couldn't display the error because cscript wasn't used, 
    If (Err.Number <> 0) Then 
        'Report problem
        Call WScript.Echo("Please run this script from cscript.") 
        'Exit the script
        Call WScript.Quit (1)
    End If 
    On Error Goto 0
End Sub 'VerifyStandardStreams 
'********************************************************************
'*
'* Sub OutputLine()
'*
'* Purpose: Control the debug output at one location
'* 
'* Input:   Level   compare to verbosity - if lower, don't display
'*          string  String to output.
'*
'********************************************************************
Sub OutputLine(ByVal level, ByVal String) 
    Call OutputFile.WriteLine(String)
    WScript.StdOut.WriteLine String 
End Sub ' OutputLine 
'********************************************************************
'*
'* Sub PrintErrorInfo()
'*
'* Purpose: Control the debug output at one location
'* 
'* Input:   Message    Message to log
'*          Err        Error obejct to get info from
'*
'********************************************************************
Sub PrintErrorInfo(ByVal Message, ByVal oErr)
    Call OutputLine(ECHOMINIMAL, Message)
    Call OutputLine(ECHOMINIMAL, "Error Info: " & oErr.Number & ": " & oErr.Description)
    Call OutputLine(ECHOMINIMAL, "Error Source: " & oErr.Source)
End Sub ' OutputLine 
'********************************************************************
'*
'* Function intParseCmdLine()
'*
'* Purpose: Parses the command line.
'*  
'* Input:   none
'*
'* Output:  none
'*
'********************************************************************
Function intParseCmdLine()
    On Error Resume Next 
    Dim strFlag
    Dim intState
    Dim ArgTemp
    Dim intArgIter
    Dim objFileSystem 
    If Wscript.Arguments.Count > 0 Then
        Call OutputFile.WriteLine("parsing arguments: ") 
        For Each ArgTemp in WScript.Arguments 
            If (InStr(ArgTemp," ") > 0) Then
                Call OutputFile.Write(Chr(34) & ArgTemp & Chr(34) & " ")
            Else
                Call OutputFile.Write(ArgTemp & " ")
            End If 
        Next ' ArgTemp 
        Call OutputFile.WriteLine
        strFlag = Wscript.arguments.Item(0)
    End If 
    'No arguments have been received 
    If IsEmpty(strFlag) Then
        intParseCmdLine = CONST_SHOW_USAGE
        Exit Function ' intParseCmdLine
    End If 
    'Check if the user is asking for help or is just confused 
    If (strFlag = "help") Or (strFlag = "/h") Or (strFlag = "\h") Or (strFlag = "-h") _
        Or (strFlag = "\?") Or (strFlag = "/?") Or (strFlag = "?") _
        Or (strFlag = "h") Then
        intParseCmdLine = CONST_SHOW_USAGE
        Exit Function ' intParseCmdLine
    End If 
    'Retrieve the command line and set appropriate variables
    intArgIter = 0 
    Do While intArgIter <= Wscript.arguments.Count - 1 
        Select Case Left(LCase(Wscript.arguments.Item(intArgIter)),4)
            Case "/int"
                bInteractive = True
                intArgIter   = intArgIter + 1 
            Case "/sp" 
                If Not blnGetArg("Crypto Provider", strSelectedCSP, intArgIter) Then
                    intParseCmdLine = CONST_ERROR
                    Exit Function ' intParseCmdLine
                End If 
                intArgIter = intArgIter + 1 
            Case "/sk" 
                If Not blnGetArg("Key length", iSelectedKeySize, intArgIter) Then
                    intParseCmdLine = CONST_ERROR
                    Exit Function ' intParseCmdLine
                End If 
                intArgIter = intArgIter + 1 
            Case "/sa" 
                If Not blnGetArg("Hash algorithm",strSelectedHashAlg, intArgIter) Then
                    intParseCmdLine = CONST_ERROR
                    Exit Function ' intParseCmdLine
                End If 
                intArgIter = intArgIter + 1 
            Case "/sn" 
                If Not blnGetArg("CA Name", strCAName, intArgIter) Then
                    intParseCmdLine = CONST_ERROR
                    Exit Function ' intParseCmdLine
                End If 
                intArgIter = intArgIter + 1 
            Case "/dn" 
                If Not blnGetArg("DN Suffix", strDNSuffix, intArgIter) Then
                    intParseCmdLine = CONST_ERROR
                    Exit Function ' intParseCmdLine
                End If 
                intArgIter = intArgIter + 1
            Case "/sr" 
                If Not blnGetArg("Root CA", strRootCAName, intArgIter) Then
                    intParseCmdLine = CONST_ERROR
                    Exit Function ' intParseCmdLine
                End If 
                intArgIter = intArgIter + 1 
            Case "/iw" 
                If bIsCore = False Then
                    bWebPages = True
                End If 
                intArgIter = intArgIter + 1 
            Case "/ie" 
                If (eCARole <> NO_INSTALL_CA) Then
                    intParseCmdLine = CONST_ERROR
                    Exit Function ' intParseCmdLine
                End If 
                intParseCmdLine = CONST_PROCEED
                bInstallService = True
                eCARole         = ENTERPRISE_ROOTCA
                intArgIter      = intArgIter + 1 
            Case "/is" 
                If (eCARole <> NO_INSTALL_CA) Then
                    intParseCmdLine = CONST_ERROR
                    Exit Function ' intParseCmdLine
                End If 
                intParseCmdLine = CONST_PROCEED
                bInstallService = True
                eCARole         = STANDALONE_ROOTCA
                intArgIter      = intArgIter + 1 
            Case "/if" 
                If (eCARole <> NO_INSTALL_CA) Then
                    intParseCmdLine = CONST_ERROR
                    Exit Function ' intParseCmdLine
                End If 
                intParseCmdLine = CONST_PROCEED
                bInstallService = True
                eCARole         = ENTERPRISE_SUBCA
                intArgIter      = intArgIter + 1 
            Case "/it" 
                If (eCARole <> NO_INSTALL_CA) Then
                    intParseCmdLine = CONST_ERROR
                    Exit Function ' intParseCmdLine
                End If 
                intParseCmdLine = CONST_PROCEED
                bInstallService = True
                eCARole         = STANDALONE_SUBCA
                intArgIter      = intArgIter + 1 
            Case "/uc" 
                If (eCARole <> NO_INSTALL_CA) And (eCARole <> UNINSTALL_CA)  Then
                    intParseCmdLine = CONST_ERROR
                    Exit Function ' intParseCmdLine
                End If 
                bInstallService = False
                bWebPages      = False
                bInstall        = False
                eCARole         = UNINSTALL_CA
                intParseCmdLine = CONST_PROCEED
                intArgIter      = intArgIter + 1 
            Case "/uw" 
                If (eCARole <> NO_INSTALL_CA) And (eCARole <> UNINSTALL_CA) Then
                    intParseCmdLine = CONST_ERROR
                    Exit Function ' intParseCmdLine
                End If 
                bWebPages      = False
                bInstall        = False
                eCARole         = UNINSTALL_CA
                intParseCmdLine = CONST_PROCEED
                intArgIter      = intArgIter + 1 
            Case "/rk"
                bReuseKey  = True
                intArgIter = intArgIter + 1 
            Case "/rc"
                bReuseCert = True
                intArgIter = intArgIter + 1 
            Case "/rcd"
                bReuseCert = True
                bReuseDB   = True
                intArgIter = intArgIter + 1 
                'Depricated switches kept to prevent automation from failing
            Case "/sl"
                intArgIter = intArgIter + 2
            Case "/sc"
                intArgIter = intArgIter + 2
            Case "/si"
                intArgIter = intArgIter + 2 
            Case Else 'We shouldn't get here
                Call OutputLine(ECHOMINIMAL, "Invalid or misplaced parameter: " & Wscript.arguments.Item(intArgIter))
                Call OutputLine(ECHOMINIMAL, "Please check the input and try again")
                Call OutputLine(ECHOMINIMAL, "or invoke with " & Chr(39) & "/?" & Chr(39) & " for help with the syntax.")
                Wscript.Quit 
        End Select 
    Loop '** intArgIter <= Wscript.arguments.Count - 1 
    intParseCmdLine = CONST_PROCEED 
End Function 
'********************************************************************
'* 
'*  Function blnGetArg()
'*
'*  Purpose: Helper to intParseCmdLine()
'* 
'*  Usage:
'*
'*     Case "/s" 
'*       blnGetArg ("server name", strServer, intArgIter)
'*
'******************************************************************** 
Private Function blnGetArg (ByVal StrVarName, _
    ByRef strVar, _
    ByRef intArgIter) 
    blnGetArg = False 'failure, changed to True upon successful completion
    Err.Clear 
    If Len(Wscript.Arguments(intArgIter)) > 3 Then 
        If Mid(Wscript.Arguments(intArgIter),4,1) = ":" Then 
            If Len(Wscript.Arguments(intArgIter)) > 4 Then
                strVar    = Right(Wscript.Arguments(intArgIter), _
                Len(Wscript.Arguments(intArgIter)) - 4)
                blnGetArg = True
                Exit Function
            Else
                intArgIter = intArgIter + 1 
                If intArgIter > (Wscript.Arguments.Count - 1) Then
                    Call OutputLine(ECHOMINIMAL, "Parameter Missing: " & StrVarName & ".")
                    Call OutputLine(ECHOMINIMAL, "Invalid " & StrVarName & ".")
                    Call OutputLine(ECHOMINIMAL, "Please check the input and try again.")
                    Exit Function
                End If 
                strVar = Wscript.Arguments.Item(intArgIter) 
                If Err.Number Then
                    Call OutputLine(ECHOMINIMAL, "Error: " & Err.Number & ": " & Err.Description & ".")
                    Call OutputLine(ECHOMINIMAL, "Invalid " & StrVarName & ".")
                    Call OutputLine(ECHOMINIMAL, "Please check the input and try again.")
                    Exit Function
                End If 
                If InStr(strVar, "/") Then
                    Call OutputLine(ECHOMINIMAL, "Invalid " & StrVarName)
                    Call OutputLine(ECHOMINIMAL, "Invalid Parameter was:" & StrVar)
                    Call OutputLine(ECHOMINIMAL, "Please check the input and try again.")
                    Exit Function
                End If 
                blnGetArg = True 'success
            End If 
        Else
            strVar    = Right(Wscript.Arguments(intArgIter), _
            Len(Wscript.Arguments(intArgIter)) - 4)
            blnGetArg = True 'success
            Exit Function
        End If 
    Else
        intArgIter = intArgIter + 1 
        If intArgIter > (Wscript.Arguments.Count - 1) Then
            Call OutputLine(ECHOMINIMAL, "Parameter Missing: " & StrVarName & ".")
            Call OutputLine(ECHOMINIMAL, "Invalid " & StrVarName & ".")
            Call OutputLine(ECHOMINIMAL, "Please check the input and try again.")
            Exit Function
        End If 
        strVar = Wscript.Arguments.Item(intArgIter) 
        If Err.Number Then
            Call OutputLine(ECHOMINIMAL, "Error: " & Err.Number & ": " & Err.Description & ".")
            Call OutputLine(ECHOMINIMAL, "Invalid " & StrVarName & ".")
            Call OutputLine(ECHOMINIMAL, "Please check the input and try again.")
            Exit Function
        End If 
        If InStr(strVar, "/") Then
            Call OutputLine(ECHOMINIMAL, "Invalid " & StrVarName)
            Call OutputLine(ECHOMINIMAL, "Invalid Parameter was:" & StrVar)
            Call OutputLine(ECHOMINIMAL, "Please check the input and try again.")
            Exit Function
        End If 
        blnGetArg = True 'success
    End If 
End Function 
'********************************************************************
'*
'* Function CreateLogFile()
'*
'* Purpose: Creates the local log file of all of the script output
'* 
'* Input:  strLogFileName
'*
'********************************************************************
Function CreateLogFile(ByVal strLogFileName)
    Dim FileSystem
    Set FileSystem = CreateObject("Scripting.FileSystemObject") 
    'Get the actual path
    Dim strFileName
    strFileName = FileSystem.GetAbsolutePathName(strLogFileName) 
    Call WScript.StdOut.WriteLine ("Log file = " & strFileName) 
    On Error Resume Next 
    ' just append to 
    If FileSystem.FileExists(strFileName) Then
        'Open Existing log
        Set CreateLogFile = FileSystem.OpenTextFile(strFileName, FILE_FLAG_APPEND, True)
    Else
        'Open new log
        Set CreateLogFile = FileSystem.CreateTextFile(strFileName, True)
    End If 
    Set FileSystem = Nothing 
    If Err.Number <> 0 Then
        Call WScript.StdErr.WriteLine ("Error creating the log file " & strFileName)
        Call WScript.StdErr.WriteLine ("Error " & Err.Number & " - " & Err.Description)
        Call WScript.Quit (1)
    End If 
    On Error Goto 0
End Function ' CreateLogFile 
'********************************************************************
'*
'* Function SetProvider()
'*
'* Purpose:
'* 
'* Input:  ProviderString
'*         HashAlg
'*         KeyLen
'*
'********************************************************************
Function SetProvider(ByRef oCASetup, ByVal ProviderString, ByVal HashAlg, ByVal KeyLen)
    Call OutputLine(ECHOMINIMAL, _
    "SetProvider called with " & _
    Chr(34) & ProviderString & Chr(34) & ", " & _
    Chr(34) & HashAlg & Chr(34) & ", " & _
    Chr(34) & KeyLen & Chr(34)) 
    'Declare variable to store KeyInfo object
    Dim oCAKeyInfo
    Dim retVal 
    retVal = False 
    Call OutputLine(ECHOMINIMAL, "SetProvider: Creating oCAKeyInfo by calling oCASetup.GetCASetupProperty(SETUPPROP_CAKEYINFORMATION )")
    ' Create CA KeyInfo object
    Set oCAKeyInfo = oCASetup.GetCASetupProperty(SETUPPROP_CAKEYINFORMATION) 
    If ("" <> ProviderString) Then
        Call OutputLine(ECHOMINIMAL, "SetProvider: Changing oCAKeyInfo.ProviderName to " & ProviderString)
        oCAKeyInfo.ProviderName = ProviderString
    End If 
    ' only modify key length if it was specified 
    If ("" <> KeyLen) Then
        Call OutputLine(ECHOMINIMAL, "SetProvider: Changing oCAKeyInfo.Length to " & KeyLen)
        oCAKeyInfo.Length = KeyLen
    End If 
    ' Only modify hash algorithm if it was specified 
    If ("" <> HashAlg) Then
        Call OutputLine(ECHOMINIMAL, "SetProvider: Changing oCAKeyInfo.HashAlgorithm to " & HashAlg)
        oCAKeyInfo.HashAlgorithm = HashAlg
    End If 
    Call OutputLine(ECHOMINIMAL, "SetProvider: Calling oCASetup.SetCASetupProperty(SETUPPROP_CAKEYINFORMATION, oCAKeyInfo) ") 
    On Error Resume Next
    Call Err.Clear() 
    ' Set the keyInfo property
    Call oCASetup.SetCASetupProperty(SETUPPROP_CAKEYINFORMATION, oCAKeyInfo) 
    If (Err.Number <> 0) Then
        Call OutputLine(ECHOMINIMAL, "SetProvider1: Error " & Err.Number & ": " & Err.Description)
        Call OutputLine(ECHOMINIMAL, "Error Source: " & Err.Source)
        'Exit the script
        Call WScript.Quit (1)
    End If ' error occurred 
    SetProvider = True
End Function 'SetProvider 
'********************************************************************
'*
'* Function InstallAndVerifyCA()
'*
'* Purpose: runs setup on CA object with specified params
'* 
'* Input:  CAType
'*         CAService
'*         WebPages
'*
'********************************************************************' 
Function InstallAndVerifyCA(ByVal CAType, ByVal CAService, ByVal WebPages)
    Dim LocalCAConfig
    Dim CADBPath 
    ' Default to failed
    InstallAndVerifyCA = False 
    On Error Resume Next 
    Call Err.Clear() 
    Call OutputLine(ECHOMINIMAL, "InstallAndVerifyCA: InitializeDefaults")
    Call OutputLine(ECHOMINIMAL, "CAService: " & CAService)
    Call OutputLine(ECHOMINIMAL, "WebPages: " & WebPages) 
    Err.Number = 0 
    ' Call this function with an error handling wrapper, or vbscript equivalent..
    Call g_oCASetup.InitializeDefaults(CAService, WebPages) 
    If (0 <> Err.Number) Then 
        If (5 = Err.Number) Then
            ' uninstall 
            If(bRecursed          = False) Then
                bRecursed          = True
                Call UninstallCA(False)
                InstallAndVerifyCA = InstallAndVerifyCA( CAType, CAService, WebPages)
                Exit Function
            End If 
        End If 'error is already installed 
        Call PrintErrorInfo("CA Already install and cannot uninstall", Err)
        Call OutputLine(ECHOMINIMAL, "")
        Exit Function 'InstallAndVerifyCA
    End If 'error occurred 
    'Specify CA role
    Call OutputLine(ECHOMINIMAL, "InstallAndVerifyCA: SetCASetupProperty - CAType = " & CAType)
    Call g_oCASetup.SetCASetupProperty(SETUPPROP_CATYPE,  CAType) 
    If (0 <> Err.Number) And (VALUE_OUT_OF_RANGE <> Err.Number) Then
        Call PrintErrorInfo("InstallAndVerifyCA3:unable to set SETUPPROP_CATYPE!", Err)
        Exit Function 'InstallAndVerifyCA
    End If 'not a domain admin and error occurred 
    If (VALUE_OUT_OF_RANGE = Err.Number) Then
        Call OutputLine(ECHOMINIMAL, "InstallAndVerifyCA: Error! Must be a domain administrator to create Enterprise CA")
        Exit Function 'InstallAndVerifyCA 
    End If ' not a domain admin 
    Call Err.Clear() 
    if (bInteractive <> FALSE) then
        Call OutputLine(ECHOMINIMAL, "InstallAndVerifyCA: SetCASetupProperty - Interactive = " & bInteractive)
        Call g_oCASetup.SetCASetupProperty(SETUPPROP_INTERACTIVE,  bInteractive) 
        If (0 <> Err.Number) Then
            Call PrintErrorInfo("InstallAndVerifyCA:unable to set Interactive!", Err)
            Call OutputLine(ECHOMINIMAL, "")
            Exit Function 'InstallAndVerifyCA
        End If
    end if
    If (False <> bReuseKey) Or (False <> bReuseCert) Then 
        If (False = SetupKeyReuse(bReuseKey, bReuseCert, strCAName)) Then
            Call PrintErrorInfo("InstallAndVerifyCA: SetupKeyReuse failed.", Err)
            Exit Function
        End If 
    Else
        If "" <> strCAName then
            Call OutputLine(ECHOMINIMAL, "InstallAndVerifyCA: SetCADistinguishedName")
            'CAName, ignore UTF8, overwrite existing key, overwrite CA in DS
            Dim strCAFullDN
            strCAFullDN = "CN=" & strCAName
            If "" <> strDNSuffix then strCAFullDN = strCAFullDN & "," & strDNSuffix 
            Call g_oCASetup.SetCADistinguishedName(strCAFullDN, True, True, True)
            'Display errors 
            If (g_oCASetup.CAErrorId <> 0) Then
                Call PrintErrorInfo("InstallAndVerifyCA:SetCADistinguishedName failed. ", Err)
            End If
        End If
    End If 
    Call Err.Clear() 
    If (CAType <> ENTERPRISE_ROOTCA) And (CAType <> STANDALONE_ROOTCA) And (bReuseCert <> True) Then
        Call OutputLine(ECHOMINIMAL, "InstallAndVerifyCA: SetParentCAInformation")
        'Set parent CA information if it is a subordinate
        Call g_oCASetup.SetParentCAInformation(strRootCAName) 
        If (0 <> Err.Number) And (ROOT_CA_NOT_FOUND <> Err.Number) Then
            Call PrintErrorInfo("InstallAndVerifyCA:unable to set ParentCAInformation!", Err)
            Call OutputLine(ECHOMINIMAL, "")
            Exit Function 'InstallAndVerifyCA
        End If ' root ca not found 
        If (ROOT_CA_NOT_FOUND = Err.Number) Then
            Call OutputLine(ECHOMINIMAL, "InstallAndVerifyCA: Root CA (to Subordinate to) could not be found!")
            Exit Function 'InstallAndVerifyCA
        End If ' root ca not found 
    End If ' not root 
    Call Err.Clear() 
    If (True = WebPages) And (CAType = NO_INSTALL_CA) Then
        Call OutputLine(ECHOMINIMAL, "InstallAndVerifyCA: SetWebCAInformation")
        'Set web CA information if it is a web pages
        Call g_oCASetup.SetWebCAInformation(strCAName) 
        If (0 <> Err.Number) Then 
            If ( REG_VALUE_NOT_FOUND <> Err.Number) Then
                Call PrintErrorInfo("InstallAndVerifyCA:unable to set SetWebCAInformation!", Err)
                Call OutputLine(ECHOMINIMAL, "")
            Else
                Call OutputLine(ECHOMINIMAL, "InstallAndVerifyCA: install failed, registry key not present!")
            End If 
            Exit Function 'InstallAndVerifyCA
        End If ' error 
    End If ' web pages should be installed 
    Call OutputLine(ECHOMINIMAL, "InstallAndVerifyCA: Setting Key Properties") 
    Call Err.Clear() 
    Call OutputLine(ECHOMINIMAL, "InstallAndVerifyCA: calling SetProvider") 
    'Dim KeyLenVar
    'KeyLenVar = ProviderKeyLength(strSelectedCSP) 
    'If ("" <> KeyLenVar) Then
    '  iSelectedKeySize = KeyLenVar
    'End If 
    Call Err.Clear() 
    If (bReuseCert = False) Then
        Dim bProviderSet
        bProviderSet = SetProvider(g_oCASetup, strSelectedCSP, strSelectedHashAlg, iSelectedKeySize) 
        If (False = bProviderSet) Then
            Call OutputLine(ECHOMINIMAL, "InstallAndVerifyCA:unable to set key properties!")
            Exit Function 'InstallAndVerifyCA
        End If 'error occurred 
    End If 
    Call OutputLine(ECHOMINIMAL, "InstallAndVerifyCA: BeforeInstall!") 
    Call g_oCASetup.Install() 
    If (0 <> Err.Number) Then 
        If ( REG_VALUE_NOT_FOUND <> Err.Number) Then
            Call PrintErrorInfo("InstallAndVerifyCA:Install failed!", Err)
            Call OutputLine(ECHOMINIMAL, "")
        Else
            Call OutputLine(ECHOMINIMAL, "InstallAndVerifyCA: install failed, registry key not present!")
            Call OutputLine(ECHOMINIMAL, "InstallAndVerifyCA: " & Err.Number & ": " & Err.Description)
        End If 
        Exit Function 'InstallAndVerifyCA
    End If 'error occurred 
    Call OutputLine(ECHOMINIMAL, "InstallAndVerifyCA: AfterInstall!") 
    On Error GoTo 0 
    Call OutputLine(ECHOMINIMAL, "InstallAndVerifyCA: calling GetLocalCAConfig") 
    LocalCAConfig = GetLocalCAConfig() 
    If (LocalCAConfig = "") Then
        Call OutputLine(ECHOMINIMAL, "InstallAndVerifyCA: CA Reg entry not present!")
        Exit Function 'InstallAndVerifyCA
    End If ' getlocalcaconfig failed 
    WScript.Sleep 30000 
    If (CAService = True) Then 
        If (0 <> PingCA(LocalCAConfig)) Then
            Call OutputLine(ECHOMINIMAL, "InstallAndVerifyCA: Service not started!")
            Exit Function 'InstallAndVerifyCA
        End If ' can't ping service 
    End If ' ca set to install as a service 
    InstallAndVerifyCA = True
End Function 'InstallAndVerifyCA 
'********************************************************************
'*
'* Function UninstallCA()
'*
'* Purpose: Uninstalls all of the CA server components or optionally just the pages
'* 
'* Input:  
'*
'********************************************************************' 
Function UninstallCA(ByVal WebPagesOnly)
    Dim LocalCAConfig 
    Call OutputLine(ECHOMINIMAL, "UninstallCA: calling GetLocalCAConfig") 
    ' See where the server is at currently
    LocalCAConfig = GetLocalCAConfig() 
    If ("" = LocalCAConfig) Then
        Call OutputLine(ECHOMINIMAL, "UninstallCA: CA not installed!")
        UninstallCA = True
        Exit Function 'UninstallCA
    End If ' getlocalcaconfig failed 
    Call OutputLine(ECHOMINIMAL, "UninstallCA: calling .PreUninstall") 
    ' Clean up the web pages
    On Error Resume Next
    Call g_oCASetup.PreUninstall(WebPagesOnly) 
    If Err.Number <> 0 Then
        Call PrintErrorInfo("UninstallCA: ", Err)
    End If 
    Call OutputLine(ECHOMINIMAL, "UninstallCA: calling .PostUninstall") 
    Call g_oCASetup.PostUninstall() 
    Call OutputLine(ECHOMINIMAL, "UninstallCA: calling .GetLocalCAConfig") 
    ' Check registry to see if CA is still installed 
    LocalCAConfig = GetLocalCAConfig() 
    If ("" = LocalCAConfig) Then
        'Not installed!
        Call OutputLine(ECHOMINIMAL, "UninstallCA: Uninstall completed Successfully!")
        UninstallCA = True
        Exit Function 'UninstallCA
    End If 'getlocalcaconfig failed 
    Call OutputLine(ECHOMINIMAL, "UninstallCA: calling PingCA") 
    ' If the registry is still there, it might just be slow. 
    ' Try pinging the CA 
    If (0 <> PingCA("")) Then
        UninstallCA = True
        Exit Function 'UninstallCA
    End If ' can't ping service 
    ' Default to error
    UninstallCA = False
End Function 'UninstallCA 
'********************************************************************
'*
'* Function GetLocalCAConfig()
'*
'* Purpose: Determine role of CA if installed
'* 
'* Input:  
'*
'********************************************************************' 
Function GetLocalCAConfig()
    Dim WshShell
    Dim ActiveConfig
    Dim CAName
    Dim CAServer 
    On Error Resume Next 
    Set WshShell = WScript.CreateObject("WScript.Shell")
    ActiveConfig = WshShell.RegRead("HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CertSvc\Configuration\Active") 
    If (Err.Number <> 0) Then 
        If (REG_VALUE_NOT_FOUND <> Err.Number) Then
            GetLocalCAConfig = ""
            Call PrintErrorInfo("GetLocalCAConfig: ", Err)
            Exit Function 'GetLocalCAConfig
        Else ' reg value not found
            GetLocalCAConfig = ""
            Call OutputLine(ECHOMINIMAL, "GetLocalCAConfig: CA Not Installed!")
            Call OutputLine(ECHOMINIMAL, "")
            Exit Function 'GetLocalCAConfig
        End If ' reg value found 
    End If ' error occurred 
    Call OutputLine(ECHOMINIMAL," Reading HKLM\SYSTEM\CurrentControlSet\Services\CertSvc\Configuration\" & ActiveConfig & "\CommonName")
    CAName = WshShell.RegRead("HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CertSvc\Configuration\" & ActiveConfig & "\CommonName")
    Call OutputLine(ECHOMINIMAL, "CAName: " & CAName) 
    Call OutputLine(ECHOMINIMAL," Reading HKLM\SYSTEM\CurrentControlSet\Services\CertSvc\Configuration\" & ActiveConfig & "\CAServerName")
    CAServer = WshShell.RegRead("HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CertSvc\Configuration\" & ActiveConfig & "\CAServerName")
    Call OutputLine(ECHOMINIMAL, "CAServer: " & CAServer) 
    ' Cleanup
    Set WShShell = Nothing 
    'Set Return value
    GetLocalCAConfig = CAServer & "\" & CAName
End Function 'GetLocalCAConfig 
'********************************************************************
'*
'* Function PingCA()
'*
'* Purpose: use CertUtil to ping the CA
'* 
'* Input:  
'*
'********************************************************************' 
Function PingCA(ByVal CAConfig)
    Dim WshShell
    Dim command
    Dim RunRet 
    Set WshShell = WScript.CreateObject("WScript.Shell") 
    If ("" <> CAConfig) Then
        command = "certutil -config " & CAConfig & " -ping"
    Else 'caconfig param null
        command = "certutil -ping"
    End If ' caconfig param passed 
    RunRet       = WshShell.Run(command, 1, False) 
    Set WShShell = Nothing
    PingCA       = RunRet
End Function ' PingCA 
'********************************************************************
'*
'* Function SetUpKeyReuse()
'*
'* Purpose: use CertUtil to ping the CA
'* 
'* Input:  
'*
'********************************************************************' 
Function SetUpKeyReuse(ByVal bReuseKey, ByVal bReuseCert, ByVal KeyName) 
    Dim oCAKeyInfo
    Dim oExistingCerts
    Dim CertInfo 
    On Error Resume Next 
    Set oCAKeyInfo     = g_oCASetup.GetCASetupProperty(SETUPPROP_CAKEYINFORMATION)
    Set oExistingCerts = g_oCASetup.GetExistingCACertificates() 
    Call OutputLine(ECHOMINIMAL,"Searching Existing Machine Keys") 
    For Each CertInfo in oExistingCerts
        wscript.echo "Existing Cert: " & certinfo.ContainerName 
        If (KeyName = certinfo.ContainerName) Then
            wscript.echo "Found cert!"
            oCAKeyInfo.Existing      = True
            If (Err.Number <> 0) Then Call PrintErrorInfo("SetUpKeyReuse: oCAKeyInfo.Existing", Err)
            oCAKeyInfo.ContainerName = CertInfo.ContainerName
            If (Err.Number <> 0) Then Call PrintErrorInfo("SetUpKeyReuse: oCAKeyInfo.ContainerName", Err)
            oCAKeyInfo.HashAlgorithm = CertInfo.HashAlgorithm
            If (Err.Number <> 0) Then Call PrintErrorInfo("SetUpKeyReuse: oCAKeyInfo.HashAlgorithm", Err)
            oCAKeyInfo.Length        = CertInfo.Length
            If (Err.Number <> 0) Then Call PrintErrorInfo("SetUpKeyReuse: oCAKeyInfo.Length", Err)
            oCAKeyInfo.ProviderName  = CertInfo.ProviderName
            If (Err.Number <> 0) Then Call PrintErrorInfo("SetUpKeyReuse: oCAKeyInfo.ProviderName", Err) 
            If (bReuseCert = True) Then
                oCAKeyInfo.ExistingCACertificate = CertInfo.ExistingCACertificate
                If (Err.Number <> 0) Then Call PrintErrorInfo("SetUpKeyReuse: oCAKeyInfo.ExistingCACertificate", Err)
            End If 
            Call g_oCASetup.SetCASetupProperty(SETUPPROP_CAKEYINFORMATION, oCAKeyInfo)
            If (Err.Number <> 0) Then Call PrintErrorInfo("SetUpKeyReuse: g_oCASetup.SetCASetupProperty(1, oCAKeyInfo)", Err)
            wscript.echo g_oCASetup.GetCASetupProperty(SETUPPROP_CANAME)
            wscript.echo g_oCASetup.GetCASetupProperty(SETUPPROP_CADSSUFFIX)
        End If 
    Next 
    SetupKeyReuse = True 
End Function ' SetKeyReuse
Random Solutions  
 
programming4us programming4us