Re: Get certificates programatically

From: Vishal Agarwal[MSFT] (vishala_at_online.microsoft.com)
Date: 10/16/03

Next message: Sergio Dutra [MS]: "Re: Strange problem with Private Key under w2k. Bug?"
Previous message: Ryan Menezes [MSFT]: "Re: CSP give createfile error(0x57)"
In reply to: etorres: "Get certificates programatically"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Thu, 16 Oct 2003 13:05:37 -0700

Two options:

- run from a user account with same name&password.

- true anonymous call. You must enable anonymous COM calls by giving
anonymous access to certsrv request interface through DCOMCNFG plus give
anonymous enroll rights through CA snapin. Furthermore this will only work
if the request is being made while using a network token, you must perform a
LogonUser with a LOGON32_LOGON_NETWORK type.

Hope it helps,

Thanks,
Vishal[MSFT]

-- 
This posting is provided "AS IS" with no warranties, and confers no rights
"etorres" <etorrescr@yahoo.com> wrote in message
news:f3b6c7d0.0310141333.1d9cf811@posting.google.com...
> I am able to obtain certificates as long as I am running this code(see
> request) inside the domain as soon as I move outside the domain it
> fails on the submit with access denied. I have tried opening up
> security via DCOMCNFG and also adding CoInitiliazeSecurity and
> CoSetProxyBlanket calls but none of them seem to work.
> Is there a better way to go about this or am I just doomed.
> Thanks.
>
> code snippet follows:
>
> CoCreateInstanceEx(CLSID_CCertRequest, NULL, CLSCTX_INPROC_SERVER,
> &si, 1, &qi);
> pCertRequest = (ICertRequest *)qi.pItf;
> ... snip...
> pCertRequest->Submit(CR_IN_BASE64 | CR_IN_PKCS10, bstrRequest,
> bstrAttribs, bstrCA, &nDisp );

Next message: Sergio Dutra [MS]: "Re: Strange problem with Private Key under w2k. Bug?"
Previous message: Ryan Menezes [MSFT]: "Re: CSP give createfile error(0x57)"
In reply to: etorres: "Get certificates programatically"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Re: Impersonate() & ASPNET worker threads. Bug or undocumented feature?
... > impersonation on in web.config. ... > In my oppinion ASPNET worker process even in one request scope switches ... > The anonymous access for application should be forbidden, ... that ASPNET worker might switch threads while executing ...
(microsoft.public.dotnet.framework.aspnet.security)
Re: Allow anon to add but not view
... If you need to get more details than the normal "request ... > own', anonymous access gets turned off for the list entirely, when you go ... > back to the 'Change Anonymous access' settings, ... > actually considered the same person, so any anon user would see posts from ...
(microsoft.public.sharepoint.windowsservices)
Re: How to use the credentials of the logged in user?
... and do not allow Anonymous access. ... request the web page, ASP.NET will run with his user account. ... reset password button it errors out because of: ...
(microsoft.public.dotnet.framework.aspnet)
RE: Simple IIS-ASP.NET security question
... each request to a web page was ran as IUSR_MACHINENAME if ... the anonymous access is ebanled, no matter what the configuration in ...
(microsoft.public.dotnet.framework.aspnet.security)