Re: CryptAcquireContext fails with error 6 (The handle is invalid)

From: Phil Ten (pt_at_dafweb.com)
Date: 10/26/04 

Date: Tue, 26 Oct 2004 12:26:06 +0100

Thank you for your posts.

I wanted to test your suggestion, unfortunately, I couldn't get
WinHttpCertCfg.exe to work as expected. I assume I not specifying
the correct parameters but even with the tool documentation I couldn't
find the solution.

When I trie the sample found in the documentation with my container:

winhttpcertcfg /l /c local_machine\root /s DAFCryptoContainer
The tool returns:
Error: Unable to find or obtain a context for requested certificate
Reminder, my container was created with:

CryptAcquireContext(&m_hCryptProv,"DAFCryptoContainer",
MS_ENHANCED_PROV,PROV_RSA_FULL,
CRYPT_MACHINE_KEYSET|CRYPT_NEWKEYSET))

Thank you for your help.

Phil. Ten.

""Carlos Lopez"" <clopezonline@microsoft.com> wrote in message
news:H6SdtditEHA.764@cpmsftngxa10.phx.gbl...
> Phil,
>
> You can check/change the permissions on a key container with the
> WinHttpCertCfg.exe.
>
> Instructions on how to get the tool are here:
> http://support.microsoft.com/?id=823193
>
> Thanks
> Carlos
>
>
> This posting is provided "AS IS" with no warranties, and confers no
rights.
> --------------------
> | From: "Phil Ten" <pt@dafweb.com>
> | References: <eA5bfAVoEHA.2380@TK2MSFTNGP14.phx.gbl>
> <XCCr5leoEHA.3944@cpmsftngxa06.phx.gbl>
> <eF#40ThoEHA.3460@tk2msftngp13.phx.gbl>
> <8dk5QdGpEHA.4048@cpmsftngxa06.phx.gbl>
> <eN3QUsGpEHA.648@tk2msftngp13.phx.gbl>
> <B6viXETpEHA.1340@cpmsftngxa06.phx.gbl>
> <#EeU9yTpEHA.1712@tk2msftngp13.phx.gbl>
> <jUr6531pEHA.3944@cpmsftngxa06.phx.gbl>
> <uvoWit5pEHA.3900@TK2MSFTNGP10.phx.gbl>
> <g9OClNtqEHA.3356@cpmsftngxa06.phx.gbl>
> <uuBzmU4qEHA.592@TK2MSFTNGP11.phx.gbl>
> <psrUlLZsEHA.2092@cpmsftngxa10.phx.gbl>
> <u9m6ASdsEHA.2788@TK2MSFTNGP09.phx.gbl>
> <15LwO4ksEHA.1092@cpmsftngxa10.phx.gbl>
> | Subject: Re: CryptAcquireContext fails with error 6 (The handle is
> invalid)
> | Date: Fri, 15 Oct 2004 15:13:14 +0100
> | Lines: 122
> | X-Priority: 3
> | X-MSMail-Priority: Normal
> | X-Newsreader: Microsoft Outlook Express 6.00.3790.181
> | X-MIMEOLE: Produced By Microsoft MimeOLE V6.00.3790.181
> | Message-ID: <O9snAersEHA.3200@TK2MSFTNGP09.phx.gbl>
> | Newsgroups: microsoft.public.platformsdk.security
> | NNTP-Posting-Host: philten.dafpro.com 62.212.108.88
> | Path:
>
cpmsftngxa10.phx.gbl!TK2MSFTNGXA03.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFTNGP09
> phx.gbl
> | Xref: cpmsftngxa10.phx.gbl microsoft.public.platformsdk.security:9539
> | X-Tomcat-NG: microsoft.public.platformsdk.security
> |
> | Thank you for your posts.
> |
> | I applied the suggested permissions and it did not help.
> | I still get the same symptom.
> |
> | I posted the question below several times in this
> | thread, unfortunately with no answer. If someone could
> | reply I would appreciate very much:
> |
> | How could I check the actual permission applied
> | to a crypto container?
> |
> | Also, I couldn't find any information on how and
> | where are stored crypto containers?
> |
> | Thank you
> |
> | Phil. Ten.
> |
> |
> |
> | ""Carlos Lopez"" <clopezonline@microsoft.com> wrote in message
> | news:15LwO4ksEHA.1092@cpmsftngxa10.phx.gbl...
> | > Hi Phil,
> | >
> | > Here are the values:
> | > Read Data = FILE_READ_DATA
> | > Read Extended Attributes = FILE_READ_EA
> | > Read Permissions = READ_CONTROL
> | > Synchronize = SYNCHRONIZE
> | >
> | > Thanks
> | > Carlos
> | >
> | > This posting is provided "AS IS" with no warranties, and confers no
> | rights.
> | > --------------------
> | > | From: "Phil Ten" <pt@dafweb.com>
> | > | References: <eA5bfAVoEHA.2380@TK2MSFTNGP14.phx.gbl>
> | > <XCCr5leoEHA.3944@cpmsftngxa06.phx.gbl>
> | > <eF#40ThoEHA.3460@tk2msftngp13.phx.gbl>
> | > <8dk5QdGpEHA.4048@cpmsftngxa06.phx.gbl>
> | > <eN3QUsGpEHA.648@tk2msftngp13.phx.gbl>
> | > <B6viXETpEHA.1340@cpmsftngxa06.phx.gbl>
> | > <#EeU9yTpEHA.1712@tk2msftngp13.phx.gbl>
> | > <jUr6531pEHA.3944@cpmsftngxa06.phx.gbl>
> | > <uvoWit5pEHA.3900@TK2MSFTNGP10.phx.gbl>
> | > <g9OClNtqEHA.3356@cpmsftngxa06.phx.gbl>
> | > <uuBzmU4qEHA.592@TK2MSFTNGP11.phx.gbl>
> | > <psrUlLZsEHA.2092@cpmsftngxa10.phx.gbl>
> | > | Subject: Re: CryptAcquireContext fails with error 6 (The handle is
> | > invalid)
> | > | Date: Thu, 14 Oct 2004 12:08:16 +0100
> | > | Lines: 47
> | > | X-Priority: 3
> | > | X-MSMail-Priority: Normal
> | > | X-Newsreader: Microsoft Outlook Express 6.00.3790.181
> | > | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.181
> | > | Message-ID: <u9m6ASdsEHA.2788@TK2MSFTNGP09.phx.gbl>
> | > | Newsgroups: microsoft.public.platformsdk.security
> | > | NNTP-Posting-Host: philten.dafpro.com 62.212.108.88
> | > | Path:
> | >
> |
>
cpmsftngxa10.phx.gbl!TK2MSFTNGXA03.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFTNGP09
> | > phx.gbl
> | > | Xref: cpmsftngxa10.phx.gbl
microsoft.public.platformsdk.security:9524
> | > | X-Tomcat-NG: microsoft.public.platformsdk.security
> | > |
> | > | No, I still didn't solve this issue.
> | > |
> | > | I am not sure how to try Carlos's suggestion because I do
> | > | not know how to change permission on a container
> | > | beside using my C function listed in a previous post
> | > | in this thread.
> | > |
> | > | Is there a simple way to change permission on a container?
> | > |
> | > | If the only way is by program, what constants should
> | > | I use to set the suggested permission below?
> | > |
> | > | Read Data = FILE_READ_DATA
> | > | Read Extended Attributes = ???
> | > | Read Permissions = ???
> | > | Synchronize = ???
> | > |
> | > | Thank you for your help
> | > |
> | > | Phil. Ten.
> | > |
> | > |
> | > | "Yan-Hong Huang[MSFT]" <yhhuang@online.microsoft.com> wrote in
message
> | > | news:psrUlLZsEHA.2092@cpmsftngxa10.phx.gbl...
> | > | > Hello Phil,
> | > | >
> | > | > How is everything going? If you are still monitoring this issue,
> could
> | > you
> | > | > please try Carlos's suggestion and let us know whether it works?
We
> | look
> | > | > forward to your response.
> | > | >
> | > | > Thanks very much.
> | > | >
> | > | > Best regards,
> | > | > Yanhong Huang
> | > | > Microsoft Community Support
> | > | >
> | > | > Get Secure! ¨C www.microsoft.com/security
> | > | > Register to Access MSDN Managed Newsgroups!
> | > | >
> | >
> -http://support.microsoft.com/default.aspx?scid=/servicedesks/msdn/nospam.
> | > | as
> | > | > p&SD=msdn
> | > | >
> | > | > This posting is provided "AS IS" with no warranties, and confers
no
> | > | rights.
> | > | >
> | > |
> | > |
> | > |
> | >
> |
> |
> |
>

Relevant Pages

  • Re: CryptAcquireContext fails with error 6 (The handle is invalid)
    ... I am not sure how to try Carlos's suggestion because I do ... Is there a simple way to change permission on a container? ... > Hello Phil, ...
    (microsoft.public.platformsdk.security)
  • Re: Domain Users with 2003 adminpak can see AD!
    ... All AD objects have permissions to them somewhat like ntfs ... to access objects in that container via AD. ... > ADUC containers. ... > tool within the administrator tools console. ...
    (microsoft.public.win2000.security)
  • Re: Want to stop sharing Outlook Today folders
    ... node, that's the container whose permissions you'll want to examine, as well ... I just never realized that a User Account profile is referred to ...
    (microsoft.public.exchange.clients)
  • Re: How to set permissions to allow user to edit AD
    ... Drill down to the Container which holds the accounts you want the user to ... the username you wish to give control to manage user accounts and change ... Create a custom taskpad. ... the container you delegated permissions to. ...
    (microsoft.public.windows.server.sbs)
  • Re: CRL failing to publish to AD
    ... went through the permissions on all the container and object permissions ... Services container. ... "Brian Komar " wrote: ... CDP Container tab listed both the Base CRL and Delta CRL, ...
    (microsoft.public.windows.server.security)