1. Export root certificate.
a. Launch certmgr.msc
b. Locate root certificate in Trusted Root Certification Authorities\Certificates
c. Right-click the certificate in the results pane, click All Tasks, and then click Export. Complete the Certificate Export Wizard using the default settings.
2. To deploy root certificate using SCCM
a. Copy the Certutil.exe and Certadm.dll (installed in %windir%\system32) files to the same directory as the exported certificate.
b. Create a software distribution package containing the files (certutil.exe, certadm.dll, RootCert.cer).
c. Add a software distribution program that runs the following command-line
1st program: certutil.exe -addstore Root RootCert.cer
2nd program: certutil.exe -addstore TrustedPublisher RootCert.cer
(specify the first program to run before the second).
d. Create an advertisement for distributing the package and program to the appropriate collection.
