CryptAcquireContext and Windows Services...
From: Steve H (netspam_at_shic.co.uk)
Date: 09/30/03
- Next message: Michel Gallant: "Re: export a certificate private key as .pem file"
- Previous message: Szomraky Stefan: "CryptAPI: CryptEncrypt returns 16 times bigger block with 3DES"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: 30 Sep 2003 09:24:34 -0700
I'm running into difficulties trying to retrieve a certificate from
the certificate store for use with GSS_SCHANNEL for an "NT Service"
(Written in VC++ 7 with ATL 7) under XP.
When I run MMC with the Certificates snap-in I see there are three
different containers:
* My user account
* Service account
* Computer account
I have a working program (executed as a straightforward executable by
the current user which calls (omitting error checking for brevity):
CryptAcquireContext(&provider,NULL,NULL,PROV_RSA_SCHANNEL,0);
cert_store=CertOpenSystemStore(provider,L"My");
cert=CertFindCertificateInStore(cert_store,
X509_ASN_ENCODING|PKCS_7_ASN_ENCODING,0,
CERT_FIND_ANY,NULL,NULL);
Which works fine to retrieve certificates from "My user account" –
however problems ensure when I use a similar technique for a service.
It doesn't seem to matter if the service is running as the same user
as my executable, or as the local system account,
CryptAcquireContext() returns "Keyset does not exist"
(NTE_KEYSET_NOT_DEF)
I've tried substituting various strings for the second parameter, as
well as setting the CRYPT_MACHINE_KEYSET flag – all to no avail… how
should I determine what the name of the container is for the container
I've already populated using the MMC snapin?
Can anyone offer sample code or a pointer to good documentation on the
subject?
Steve
- Next message: Michel Gallant: "Re: export a certificate private key as .pem file"
- Previous message: Szomraky Stefan: "CryptAPI: CryptEncrypt returns 16 times bigger block with 3DES"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
