Re: Obtaining an SSL (test) certificate

From: Thomas Nielsen [AM Production A/S] (jack_pot_dk_at_h0tmail.com)
Date: 10/03/03

  • Next message: Alun Jones [MS MVP]: "Re: Windows 2003 + Certificate Store + AcquireCredentialsHandle + SEC_E_UNKNOWN_CREDENTIALS" 
    Date: Fri, 3 Oct 2003 12:52:27 +0200

    Jim,

    That was exactly what I was looking for - I didnt realize there were client
    certificates too. Thanks.

    /Thomas

    "Ohaya" <ohaya@cox.net> wrote in message news:3F7D16A6.2F24D893@cox.net...
    > Thomas,
    >
    > It sounds like the server that you're working with has configured
    > Verisign as a trusted CA, and possibly, only Verisign. In that case,
    > you'll need to get a client certificate from that same trusted CA, i.e.,
    > from Verisign. Here're a few pointers:
    >
    > http://www.verisign.com/products/class1/index.html
    >
    > Digital ID Enrollment:
    > http://www.verisign.com/client/enrollment/index.html
    >
    > The actual enrollment form (you can request a 60-day free trial here):
    > https://digitalid.verisign.com/client/class1MS.htm
    >
    > The last pointer will take you through the steps to request the client
    > cert from Verisign, get the cert, and install it on your client.
    >
    > Jim
    >
    >
    >
    > "Thomas Nielsen [AM Production A/S]" wrote:
    > >
    > > Dear all,
    > >
    > > I'm working on a client that needs to communicate securely with a server
    > > over SSL. The server needs to be able to authenticate me, so I need to
    be
    > > able to present it with a certificate from a root CA - And not just with
    any
    > > certificate I've issued myself.
    > >
    > > I've been informed that a Verisign test certificate will work fine, but
    I'm
    > > unsure how to actually obtain + install this into my Windows certificate
    > > store.
    > > I know how this works with IIS (generate CSR, request certificate,
    import
    > > into IIS), but how do you do this when your certificate is not for IIS?.
    > > Could the same procedure be used? (Generate CSR from IIS, request
    > > certificate, manually import certificate into "Certificates (Local
    > > Computer)/personal/certificates", os should this be handled differently?
    > >
    > > Thanks,
    > >
    > > /Thomas

  • Next message: Alun Jones [MS MVP]: "Re: Windows 2003 + Certificate Store + AcquireCredentialsHandle + SEC_E_UNKNOWN_CREDENTIALS"

    Relevant Pages

    • Re: Need for encryption in WSE 3.0 if using SS-avoid man-in-middle
      ... SSL only validates you are talking to a SSL certified server; ... They can simply edit the URL the client program ... can be done by using a X.509 certificate on both ends, ...
      (microsoft.public.dotnet.framework.aspnet.security)
    • Re: LDP client authentication fails
      ... I got the LDP working with LDAP server under server client authentication ... I did not installed the certificate in pfx format .. ... Client cert auth won't work without that. ...
      (microsoft.public.windows.server.active_directory)
    • Re: SSL & Man In the Middle Attack
      ... >> it possible for the middle man to intercept all messages from server to me ... > server sends client a signed message along with a digital certificate. ... > client generates a random secret key, ...
      (comp.security.misc)
    • Re: activesync issue
      ... On the SBS 2003 Server open the Server Management console. ... On the "Web Server Certificate" page, choose to create a new Web server ... Install the new certificate which created in above step on mobile device: ... Access to browse the Exchange Server 2003 client after you install ...
      (microsoft.public.windows.server.sbs)
    • Re: Need for encryption in WSE 3.0 if using SS-avoid man-in-middle
      ... order to detect we are connected to the wrong server (even though its SSL ... certificate is OK and valid by Verisign); we would need a client certificate. ... this can be detected by SSL/HTTPS client in ...
      (microsoft.public.dotnet.framework.aspnet.security)