Re: How to build a certificate request from a certificate to be renewe
Date: Wed, 27 Jul 2005 09:55:54 +0200
> Does anybody know how to build without GUI a client certificate request from
> a client certificate to be renewed?
> Samples and pointers to right direction would be greatly appreciated.
If you convert the certificate to a request (e.g. via openssl) or use an
archived request (e.g. from windows ca cervice database), you get in
trouble assigning the "old" private key to the "new" certificate.
If you need to renew a lot of client certs and don't want to use
certreq.exe to build new requests manually, you can also use CAPICOM to
create a request using the same keyset on an asp webpage. Although the
site is in German, you can steal some code for this from:
The page displays the clients certificates of a certain ca and submits
them as new requests to a windows ca. Just look for the <SCRIPT> at the
end of the webpage source where a lot of "CAPICOM" is referenced.
- Re: Unable to authenticate via kerberos to IIS site accepting clie
... is it Kerberos over SSL Client Certificate. ... the request being too large. ...
- Re: IOException whit large request using certificates on IIS 6.0
... I used it to set a new size, as the request is ... The note below says that it not recommended for non client certificate ... This is the log from IIS for the specific call, ... When i do a post to this webserver using unsecure http connection, ...
- Re: Webserver certificate
... I'm trying to request a client certificate from a CA running on Windows ... I have successfully created both a client and server ... This posting is provided "AS IS" with no warranties, and confers no rights. ...
- Re: Suppressing user prompt for client certificates
... is displayed by CryptSignHash() ... every time it needs to access your private key (if it is marked ... > How is the request being created? ... > requests a client certificate. ...
- Re: How to Add Attribute to a PKCS10 Request
... It would be harder if you are using CAPI rather than CAPICOM or ICEnroll. ... To add request attributes you would have to ... > certificate request using VC++ like the example in the PSDK... ...