Re: Problems Adding/Importing a certificate file .pfx to my store using CertAddEncodedCertificateToStore

From: Kiran Thandra (kithu00_at_yahoo.com)
Date: 08/25/04

  • Next message: lelteto: "Re: How secure is personal certificate store in W2K?" 
    Date: 25 Aug 2004 08:36:13 -0700

    Anand,

    Thanks for your reply.I just tried it in 95 and it worked with minor
    changes to my code. Some more clarifications on handling
    certificates.Certficate are getting imported but not in the desired
    stores.

    For example-In my .pfx file there are several files are combined
    together. First is the client public certificate which the client
    private certificate is attached to, then the intermediate and root
    certificates are added.

      While installing a .pfx files In to I.E using the import WIZARD we
    get an option like "Automatically Select Store Based on Certificate
    Type".
    How can we set this option programatically.

    While my program importing these certificates we are getting some
    confirmation dialog boxes like "Do you want to install this
    Certificate Isseud by so...."
    Can we bypass these things to the users.

    Appreciate your time.

    Regards,
    Kiran Thandra

    kithu00@yahoo.com (Kiran Thandra) wrote in message news:<d797b276.0408231404.295627f0@posting.google.com>...
    > Hi Anand,
    >
    > Thanks for your reply. Just wondering are these Libraries compatable
    > on Windows 95 . Because we are trying to develop two interfaces one
    > for Windows 2000 and 95.
    >
    > Appreciate your time.
    >
    >
    > Regards,
    > Kiran Thandra
    >
    >
    > kithu00@yahoo.com (Kiran Thandra) wrote in message news:<d797b276.0408230754.188c18e5@posting.google.com>...
    > > Hi,
    > >
    > > We are trying to automate the client certificate import process. We
    > > are programatically trying achieve the
    > > I.E/InternetOptions/Content/Certificates/Import wizard functionality.
    > >
    > > Here is our approach.
    > > We connect to a website using WININET and download a .pfx file and
    > > save it to harddrive.
    > > Trigger another program to read this file and import to My Store.
    > > XYZ.pfx is a sample file . Any ideas are greatly appreciated ...
    > > I need more help of how do we convert our .pfx file to (const BYTE*
    > > pbCertEncoded) whihc is a third parameter in
    > > CertAddEncodedCertificateToStore method.
    > >
    > > I'm getting the following crypt .dll error(-8589934602) while
    > > importing from executing this code.
    > >
    > >
    > >
    > > Sample code
    > >
    > > bool CSslConnection::ImportClientCert()
    > > {
    > > char c;
    > > //const char *buffer="this is a string";
    > > //CHAR buffer[1024];
    > > string lps="this is a test";
    > > const BYTE *pbyte=0;
    > > DWORD length=0;
    > >
    > >
    > >
    > > /* declare a char variable */
    > >
    > > FILE *file; /* declare a FILE pointer */
    > > file = fopen("xyz.pfx", "r");
    > > /* open a text file for reading */
    > >
    > > if(file==NULL) {
    > > printf("Error: can't open file.\n");
    > > /* fclose(file); DON'T PASS A NULL POINTER TO fclose !! */
    > > return 1;
    > > }
    > > else {
    > > printf("File opened successfully. Contents:\n\n");
    > >
    > > while(1) { /* keep looping... */
    > > c = fgetc(file);
    > >
    > > if(c!=EOF) {
    > >
    > > printf("%c", c);
    > > lps += c;
    > >
    > > /* print the file one character at a time */
    > > }
    > > else {
    > > break; /* ...break when EOF is reached */
    > > }
    > > }
    > > printf("\n\nNow closing file...\n");
    > > fclose(file);
    > > }
    > > // buffer=&c;
    > >
    > > //istrstream s( buffer );
    > > //lps= AddressToString(lps,pbyte);
    > >
    > > const unsigned char *ct=(const unsigned char*)lps.c_str();
    > >
    > >
    > > return CertAddEncodedCertificateToStore(m_hStore,X509_ASN_ENCODING |
    > > PKCS_7_ASN_ENCODING,ct,2000,CERT_STORE_ADD_USE_EXISTING,NULL);
    > >
    > >
    > >
    > > //return true;
    > > }

  • Next message: lelteto: "Re: How secure is personal certificate store in W2K?"

    Relevant Pages

    • Re: HttpWebRequest failure with TLS
      ... My guess is that you are going to want it in the machine store as the ... account your web service client is running under will eventually change to ... private key associated with it in the cert properties dialog. ... certificate should go in the personal store. ...
      (microsoft.public.dotnet.framework.aspnet.security)
    • Re: cannot view indexed property
      ... I'm going to assume that your client is actually a service running under ... have a personal certificate store. ... It is located in the current user personla store ...
      (microsoft.public.dotnet.framework.webservices.enhancements)
    • Need help on x509 certificate installation
      ... And the certificate has been install into LocalComputer\Enterprise ... Trust and LocalComputer\Personal store respectively. ... I configure both my webservice and client application WSE 2.0 policy ... Private Key is not available" ...
      (microsoft.public.dotnet.framework.webservices.enhancements)
    • Re: WSE 2.0 Policy security settings with multiple X.509 certifica
      ... Certificate Store Location is set to LocalMachine (for the Web Service ... "Trusted Client Certificates" is made from "Local Machine - Other People" ...
      (microsoft.public.dotnet.framework.webservices.enhancements)
    • Re: Certificate Installation Question
      ... For that task you need to request a certificate for your clients. ... >>> However, for my users, is there a way I can automate this so that it>>> goes to the correct store? ... Is there a command line utility that I can>>> import this cert to? ... The Client Authentication ...
      (microsoft.public.internet.radius)