Re: Certificates: Which store to add to?
From: Craig (anonymous_at_discussions.microsoft.com)
Date: 10/12/04
- Previous message: Jacques Le***: "Re: get authentication method"
- In reply to: Shawn Corey [MSFT]: "Re: Certificates: Which store to add to?"
- Next in thread: Daniel Sie [MSFT]: "Re: Certificates: Which store to add to?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 12 Oct 2004 02:27:52 -0700
Hi Shawn,
But before I can call the chaining function on the cert,
or retrieve the public key, I first need to get the
certificate onto my PC (and all the other certs in the
chain back to the root certificate).
I figured that one way to do this is to use mmc and import
the certificate. This way whenever I need to send data to
the recipient I can get their cert out of the store,
verify the chain, signature and time validity, then get
their public key.
The problem is that I don't see the MY, ROOT, TRUST or CA
stores in mmc. Instead, I see a range of other names such
as Personal, Trusted Root Certification Authorities,
Enterprise Trust, Intermediate Certification Authorities,
Trusted Publishers, Untrusted Certificates, Third-Party
Root Certification Authorities, Trusted People,
Certificate Enrollment Requests and SPC.
Thanks,
Craig.
PS: I am new to using the cert functions in the CryptoAPI,
so sorry if this is way off.
>-----Original Message-----
>You should not have to import the cert into any store, as
long as you have a
>CertContext you can verify the chain, using
CertGetCertificateChain for
>example, and get the public key using the
SubjectPublicKeyInfo value in the
>CertContext
>
>
>http://msdn.microsoft.com/library/default.asp?
url=/library/en-
us/seccrypto/security/certgetcertificatechain.asp
>http://msdn.microsoft.com/library/default.asp?
url=/library/en-
us/seccrypto/security/cert_public_key_info.asp
>
>--
>Thanks,
>Shawn
>
>This posting is provided "AS IS" with no warranties, and
confers no rights.
>Use of included script samples are subject to the terms
specified at
>http://www.microsoft.com/info/cpyright.htm
>
>
>"Craig" <anonymous@discussions.microsoft.com> wrote in
message
>news:3db901c4ab5e$e8016ea0$a301280a@phx.gbl...
>> Hi,
>>
>> When adding another person's certificate to a store on
>> your PC (so you can get their public key and also verify
>> the certificate chain), where should you add it? Is
there
>> any problem with importing it into any store?
>>
>> Thanks In Advance,
>> Craig.
>>
>>
>>
>
>
>.
>
- Previous message: Jacques Le***: "Re: get authentication method"
- In reply to: Shawn Corey [MSFT]: "Re: Certificates: Which store to add to?"
- Next in thread: Daniel Sie [MSFT]: "Re: Certificates: Which store to add to?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
