Re: Help with IPSec

From: Jacco de Leeuw (jacco2_at_dds.mil)
Date: 06/30/05

• Previous message: Michel Gallant: "Re: computing hash from a pkcs7 signature"
• In reply to: xjaguar: "Help with IPSec"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Thu, 30 Jun 2005 17:20:34 +0200

> 7-01: 11:37:04:719:298 AcquireContext Sig Key error: -2146893802
> ...
> From event viewer, it seems that ipsec is complaining about no private key
> found for machine certificate. But there is private key for selected
> certificate.

-2146893802 = 0x80090016

http://msdn.microsoft.com/library/en-us/seccrypto/security/cryptacquirecontext.asp

   NTE_BAD_KEYSET( 0x80090016L ) The key container could not be opened.
   A common cause of this error is that the key container does not exist.
   To create a key container, call CryptAcquireContext using the
   CRYPT_NEWKEYSET flag. This error code can also indicate that access to
   an existing key container is denied. Access rights to the container can
   be granted by the key set creator by using CryptSetProvParam.

Does it work if you log on as Administrator?

Jacco

-- 
Jacco de Leeuw                           mailto:jacco2@dds.mil
Zaandam, The Netherlands              http://www.jacco2.dds.nl
Please note: my real e-mail address is not shown, due to spam.
  (Hint: I'm *not* in the military but in the Netherlands...)

• Previous message: Michel Gallant: "Re: computing hash from a pkcs7 signature"
• In reply to: xjaguar: "Help with IPSec"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: CryptAcquireContext question! ... Is your "private key" an RSA key or is it a ... In Win CryptoAPI, the usual way of getting keys into CryptoAPI ... > I have a private key in a file and I want to store ... > that identifies the key container to the CSP. ... (microsoft.public.platformsdk.security) CAPICOM and key container ... I am trying to implement a signed XML document as a configuration file for a ... Now my problem is to store the private key ... configuration is changed - the configuration file must be signed again (with ... The key Container can be accessed via the CAPICOM Interface. ... (microsoft.public.platformsdk.security) Re: signcode vs signtool ... My goal is to somehow get the .pvk into a key container in the ... system so that I can use the "-k" option of SIGNTOOL (or SIGNCODE ... shows up in the "Personal" store for the current user. ... How the heck do I determine the private key container name ... (microsoft.public.dotnet.security) Re: Why can I silently export private keys marked as non-exportable? ... CertSerializeCertificateStoreElement API neither exports private key, ... It only saves certificate store properties like CERT_KEY_PROV_INFO_PROP_ID, ... CERT_KEY_PROV_INFO_PROP_ID which holds the name of the key container. ... (microsoft.public.platformsdk.security)

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint