MAKECERT and ASP

• Previous message: MSFT: "Re: Forms Authentication to specific folders"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Wed, 28 Jan 2004 00:01:05 -0800

Hi all,
I've got two applications: the server (WinApp) and the ASP. Both of them must possess pub/priv keys and X509 certificates.
To generate certificate I use MAKECERT utility. Here is the problem that appears in the ASP case:

the following MAKECERT code creates an entry under "\Documents and Settings\All Users.W3KENT\Application Data\Microsoft\Crypto\RSA\MachineKeys":
-------------------------------------------------------------------------------------------------------------------------------------
makecert -pe -sk XXX -n "CN=Asp" -sr localmachine -sky exchange -$ commercial -cy both -e 01/12/2010 XXX.cer
-------------------------------------------------------------------------------------------------------------------------------------

The following code in ASP app creates ANOTHER entry at the same directory in spite of the SAME key type and the container name !!!
------------------------------------------------------------------------------------------------------------------------------------
CspParameters cp = new CspParameters();
cp.KeyContainerName = "XXX";
cp.KeyNumber = 1;
cp.Flags = CspProviderFlags.UseMachineKeyStore;
RSACryptoServiceProvider rsa = new RSACryptoServiceProvider(cp);
------------------------------------------------------------------------------------------------------------------------------------

So, what else can cause new keys/container creation ? Are there some other parameters in RSA or MAKECERT that should be adjusted ?

Thnks in advance for any clue !

P.S. In WinApp the same procedure works fine, so I've tried also to impersonate an Administrator (I create the certificates in Administrator context), but without any success. But since I use the machine key store impersonation doesn't seem to be required.

• Previous message: MSFT: "Re: Forms Authentication to specific folders"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages MAKECERT and ASP ... the server and the ASP. ... Both of them must possess pub/priv keys and X509 certificates. ... To generate certificate I use MAKECERT utility. ... (microsoft.public.dotnet.security) Makecert certificate generation headache ... trying to figure out how to utilize makecert.exe, ... pair of X.509 certificates for testing out the authentication scheme ... makecert utility with a proper set of parameters, ... In order to generate self-signed root certificate: ... (microsoft.public.platformsdk.security) Makecert certificate generation headache ... trying to figure out how to utilize makecert.exe, ... pair of X.509 certificates for testing out the authentication scheme ... makecert utility with a proper set of parameters, ... In order to generate self-signed root certificate: ... (microsoft.public.dotnet.security) Re: How to get client certificate from IIS? ... Did you set IIS as shown in picture? ... If you don't it won't give you certificates. ... Regards, ... compatible web farm Session replacement for Asp and Asp.Net ... (microsoft.public.inetserver.iis) Re: Questions about certificates ... need to correct myself here wrt to the makecert utility below ... have run into several problems with the one in the Framework SDK. ... I wanted to make similar certificates ... > A encrypts a message for B using B's Public Key. ... (microsoft.public.dotnet.framework.webservices.enhancements)