RE: Relocating certificate store for IE to USB token

From: lelteto (lelteto_at_discussions.microsoft.com)
Date: 01/25/05


Date: Mon, 24 Jan 2005 22:19:01 -0800

One way to solve this is to have your certificate associated with your CSP
(but still stored into the normal MY store IE uses). This can be eg. a
vendor-supplied utility which copies the cert from the attached token into
the MY store and marks it to be used with the token's CSP. I assume you know
how to install the token CSP (or the vendor provides install for it anyway).

Laszlo Elteto
SafeNet, Inc.

"Winston" wrote:

> Is there a way to configure IE so that instead of storing certificates it
> acquires during visits to secure websites in registry (or any other physical
> stores), it will store these certificates in a USB token? We can write our
> own CSP if that's what it takes to do.
> Specifically, I have these questions
> 1. Assuming we supply our own CSP to manage cert stores on our USB token, is
> it just a matter of telling IE to use our CSP?
> 2. If so, how can we tell IE to use our CSP?
> 3. If not, what else do I need to do?
> Thanks,
> Winston
>
>
>



Relevant Pages

  • Re: SmartCard CSP and CA certificate enrollment
    ... Store for each of the two keys in the ... 'default' container on the smart card. ... CSP Design & Development Consulting ... enrolls for a certificate, the Certificate Enrollment Wizard offers the ...
    (microsoft.public.platformsdk.security)
  • Re: smart card private key
    ... first storing the certificate information and the private key ... information in the system store. ... first of it the name of the CSP module that manages that key. ... information about the private key present on the smart card before ...
    (microsoft.public.platformsdk.security)
  • RE: CSPs and Certificate Extensions
    ... This matches the calls that are made to my CSP that I ... That means the problem is occurring when the certificate is being accessed - ... CPSignHash is called with the key spec set to AT_KEYEXCHANGE. ... of the IE certificate store. ...
    (microsoft.public.platformsdk.security)
  • Problems with custom Cryptographic Service Provider
    ... I'm writting a custom cryptographic service provider and some problems ... Firtly i wrote all the CSP calling the CryptoAPI. ... it apears to Install the Certificate. ... But i don't want to install in "my store" location. ...
    (microsoft.public.platformsdk.security)
  • Re: Alternative store vs. MY store
    ... store both the client cert and its associate private key on my USB memory ... your codes (CSP, ... indirect call to your CSP when one of your cert is involved in an operation. ...
    (microsoft.public.platformsdk.security)