Re: Smart Card Login fails after renewal

From: aelkins (anonymous_at_discussions.microsoft.com)
Date: 05/27/04


Date: Wed, 26 May 2004 19:31:03 -0700

Here is the code

Const CAPICOM_MEMORY_STORE = 0
Const CAPICOM_LOCAL_MACHINE_STORE = 1
Const CAPICOM_CURRENT_USER_STORE = 2
Const CAPICOM_ACTIVE_DIRECTORY_USER_STORE = 3
Const CAPICOM_SMART_CARD_USER_STORE = 4

Const CAPICOM_STORE_OPEN_READ_WRITE = 1

Const CR_IN_BASE64 = &H1
Const CR_IN_PKCS10 = &H100

Const CR_OUT_BASE64HEADER = 0
Const CR_OUT_CHAIN = &H100

Const SmartCardProviderName = "Schlumberger Cryptographic Service Provider"
Const CertServer = "Server1"

Set CurrentUserStore = CreateObject("CAPICOM.Store")
Set SmartCardStore = CreateObject("CAPICOM.Store")

SmartCardStore.Open CAPICOM_SMART_CARD_USER_STORE, "MY", CAPICOM_STORE_OPEN_READ_WRITE
CurrentUserStore.Open CAPICOM_SMART_CARD_USER_STORE, "MY", CAPICOM_STORE_OPEN_READ_WRITE

' Note: I know there is only one cert in the CurrentUserStore and SmartCardStore

' Read the subject, template name/OID and simple name from the certificate on the card
For Each Certificate in SmartCardStore.Certificates
        SmartCardUserSubjectName = Certificate.SubjectName
        SmartCardCertificateTemplateName = Certificate.Template.Name
        SmartCardCertificateTemplateOID = Certificate.Template.OID
        SmartCardSimpleName = Certificate.GetInfo(0)
Next

' Remove Certificates for CurrentUser and SmartCard

For Each Certificate in CurrentUserStore.Certificates
        CurrentUserStore.Remove Certificate
Next

' Delete the private key on the card and detach it from the certificate
For Each Certificate in SmartCardStore.Certificates
        Certificate.PrivateKey.Delete
        Certificate.PrivateKey = Nothing
Next

' Build a new PKCS #10 request with a fresh key generated by the smart card CSP
Set Enroll = CreateObject("CEnroll.CEnroll.2")
Enroll.addCertTypeToRequest SmartCardCertificateTemplateName
Enroll.ProviderName = SmartCardProviderName
Enroll.UseExistingKeySet = FALSE

strReq = Enroll.createPKCS10(SmartCardUserSubjectName, SmartCardCertificateTemplateOID)

' Submit the request to the CA
Set CertRequest = CreateObject("CertificateAuthority.Request")
nDisp = CertRequest.Submit(CR_IN_BASE64 Or CR_IN_PKCS10, strReq, "", CertServer & "\" & SmartCardSimpleName)
ID = CertRequest.GetRequestID

' Retrieve the issued certificate with its chain and install it on the card
Cert = CertRequest.GetCertificate(CR_OUT_BASE64HEADER Or CR_OUT_CHAIN)
Enroll.acceptResponse Cert


