Re: How to build a certificate request from a certificate to be renewe
From: Sebastian Rieger (sebastian.rieger_at_gwdg.de)
Date: 07/27/05
- Next message: Cale: "Re: More CryptImportKey/NTE_BAD_KEY issues"
- Previous message: Rhett Gong [MSFT]: "Re: SE_ASSIGNPRIMARYTOKEN_NAME"
- In reply to: Nick: "How to build a certificate request from a certificate to be renewe"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 27 Jul 2005 09:55:54 +0200
Nick schrieb:
> Does anybody know how to build without GUI a client certificate request from
> a client certificate to be renewed?
> Samples and pointers to right direction would be greatly appreciated.
If you convert the certificate to a request (e.g. via openssl) or use an
archived request (e.g. from windows ca cervice database), you get in
trouble assigning the "old" private key to the "new" certificate.
If you need to renew a lot of client certs and don't want to use
certreq.exe to build new requests manually, you can also use CAPICOM to
create a request using the same keyset on an asp webpage. Although the
site is in German, you can steal some code for this from:
http://user-ca.mpg.de/renew/step1i.asp
The page displays the clients certificates of a certain ca and submits
them as new requests to a windows ca. Just look for the <SCRIPT> at the
end of the webpage source where a lot of "CAPICOM" is referenced.
Sebastian
- Next message: Cale: "Re: More CryptImportKey/NTE_BAD_KEY issues"
- Previous message: Rhett Gong [MSFT]: "Re: SE_ASSIGNPRIMARYTOKEN_NAME"
- In reply to: Nick: "How to build a certificate request from a certificate to be renewe"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
