A few weeks ago I wrote about constructing CertificateStore XML by hand. You have to open up the certificate in the browser, and export it as base64 XML, and it's a pain.
Here's a Powershell script that makes it much easier. Just pass it the name of a certificate file on the command line and it will output XML to add the certificate to the ROOT store. Then you can turn the XML into a CAB file, or add it to install XML, or process it in your application.
# CertificateStore template for adding a ROOT cert
$certAddString = @"
<parm name="EncodedCertificate" value="
# Load in a .CER file from the command line
$cert = get-pfxcertificate $args
# get the thumbprint
$certHash = $cert.GetCertHashString()
# Convert the encoded blob to base64 text
$encodedCertificate = [Convert]::ToBase64String($cert.GetRawCertData())
# print those into our WAP xml template
$outXml = $certAddString -f ($certHash, $encodedCertificate)
# finished - write the XML to the outbound pipeline