The mailing list for users of the eduroam Configuration Assistant Tool (CAT)

[Louis Twomey <louis.twomey AT heanet.ie>]

Hi,
One of our client sites is trying to avoid their users being prompted/warned
unnecessarily during a profile install, where possible. Their SSL certificate
root CA is "AddTrust External CA Root", which already exists on (all?) Windows
7 devices of their users. During the install Win7 generates a prompt, asking 
if
the existing root CA of that name should be overwritten.

Would it be possible to have CAT allow them to download an installer, the
Windows 7 installer in this case but perhaps others too, without the root
certificate bundled with it, so that this prompt could be avoided?

Of course, the assumption here is that their root certificate already exists
amongst the list of well-known CA's in all (standard) Windows 7 clients - is 
it
safe to make that assumption on the basis of exploring just a few standard
installs of Windows 7?

Thanks,
Louis Twomey.

-- 
HEAnet Limited                               
louis.twomey AT heanet.ie
5 George's Dock, IFSC, Dublin 1              Tel: +353-1-6609040
Web: http://www.heanet.ie                    Fax: +353-1-6603666
Registered in Ireland, no 275301             PGP key: C77D9256

--- Please consider the environment before printing this e-mail ---