SOLVED - Re: EnvelopedCms.Decrypt -- Certificate revocation problem in .net 2.0

From: Ziga Jakhel ("Ziga)
Date: 09/14/05

• Next message: Dominick Baier [DevelopMentor]: "Re: Anonymous access + Windows Authentication"
• Previous message: Ziga Jakhel: "SOLVED : Re: X.509 "Bad Key" error - EnvelopedCms.Decrypt()"
• In reply to: Ziga Jakhel: "EnvelopedCms.Decrypt -- Certificate revocation problem in .net 2.0"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: Wed, 14 Sep 2005 09:30:57 +0200

Ok, the problem lies with makecert - generated certificates.

I generated one with Windows2003 CA, as Dominick has suggested and
everything works nicely.

Regards,

Ziga

"Ziga Jakhel" <ziga(dot)jakhel(at)rrc.si> wrote in message
news:u75eEgGuFHA.3720@TK2MSFTNGP14.phx.gbl...
> Hi!
>
> I'm trying to put together a demo for
> signing/verifying/encrypting/decrypting documents via pkcs #7 in VS2005,
> as per instructions in
> http://msdn2.microsoft.com/en-us/library/ms180960(en-US,VS.80).aspx
>
> The problem I'm getting is that when I call
> envelopedCms.Decrypt(), the operation fails with an error message "Bad
> Key".
> As far as I can trace it, it all comes down to the framework assuming the
> certificate is invalid, because it cannot get the revocation list from the
> ca.
>
> I have added the "homegrown" CA - Root Agency that the makecert tool
> created to all trusted roots, etc. but to no avail.
>
> Any ideas? I'm relatively new to programming with x.509
>
> Regards,
>
> Ziga
>
>

---

• Next message: Dominick Baier [DevelopMentor]: "Re: Anonymous access + Windows Authentication"
• Previous message: Ziga Jakhel: "SOLVED : Re: X.509 "Bad Key" error - EnvelopedCms.Decrypt()"
• In reply to: Ziga Jakhel: "EnvelopedCms.Decrypt -- Certificate revocation problem in .net 2.0"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages SOLVED : Re: X.509 "Bad Key" error - EnvelopedCms.Decrypt() ... the problem lies with makecert - generated certificates. ... Regards, ... Ziga ... (microsoft.public.dotnet.security) Re: How to get client certificate from IIS? ... Did you set IIS as shown in picture? ... If you don't it won't give you certificates. ... Regards, ... compatible web farm Session replacement for Asp and Asp.Net ... (microsoft.public.inetserver.iis) RE: Secondary OWA authentication for links in messages ... The first thing I would do is to go back through the CEICW and reconfigure ... everything including certificates. ... Best Regards, ... James R Frederickson, MCSE NT4/2000/2003 ... (microsoft.public.windows.server.sbs) Re: exception " Private Key is not available" when runnig the sample "AsymmetricEncr ... does not explicitly add the token to the context's token collection so I ... The exception info has been display in the ... > I'm sure the problem is caused by the certificates I use or I didn't use ... >> I guess the problem lies in the certificates I use.I did install and ... (microsoft.public.dotnet.framework.webservices.enhancements) RE: Expired Certificates ... Certutil command to delete a certificate for user or for machine. ... Certutil tasks for managing certificates ... and then click the Issued Certificates folder. ... >With regards to " It looks like the persons that had permissions to place ... (microsoft.public.windows.server.general)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(16)