Re: AcquireCredentialshandle returns SEC_E_INTERNAL_ERROR
From: sunit (sunit_at_newsgroup.nospam)
Date: 10/08/05
- Next message: Jakub Gwozdz: "Re: csp/pkcs11 container name management"
- Previous message: Dejan: "Re: csp/pkcs11 container name management"
- In reply to: Rhett Gong [MSFT]: "Re: AcquireCredentialshandle returns SEC_E_INTERNAL_ERROR"
- Next in thread: Rhett Gong [MSFT]: "Re: AcquireCredentialshandle returns SEC_E_INTERNAL_ERROR"
- Reply: Rhett Gong [MSFT]: "Re: AcquireCredentialshandle returns SEC_E_INTERNAL_ERROR"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sat, 8 Oct 2005 23:32:17 +0530
Rhett Gong [MSFT]
Thanx a lot
> Glad to see you have isolated your problem.
> First there is no way to convert from .key to pvk, since .key is not a
regular format as I know.
> The .pvk file is a legacy format (as you see there is no direct way to
export private key to pvk from mmc) and Microsoft recommends customers using
the pfx format
> which can hold both certificate and private key along with the certificate
chain.
>
> And if you just need a .cer and pvk pair to do test, you can use makecert
/sk option or follow these steps below:
>
> 1. If web enrollment is installed you can browse to the enrollment page on
the server with http://
> 2. Click on the "Request a certificate" link.
> 3. Click on the "advanced certificate request" link.
> 4. Click on "Create and submit a request to this CA".
> 5. Select the "User" certificate template from the dropdown list. Click
on the "Mark key as exportable" checkbox and then the "Export keys to file".
Enter the path and
> filename of the pvk file.
> 6. On the same page click on the Submit button to send the certificate
request.
> 7. Click yes to send the certificate request.
> 8. Click yes to create the pvk file.
> 9. Enter the password for the pvk file.
> 10. When the certificate server issues the certificate click on "Download
certificate" and save to a .cer file.
>
> Please note: for the step1 above, you may need to contact the person
managing the certificate server to make sure that he has installed web
enrollment support (web
> enrollment in IIS), and you will also need to know the name of the machine
where certificate server is installed
>
>
> Thanks,
> Rhett Gong [MSFT]
> Microsoft Online Partner Support
> Get Secure! - www.microsoft.com/security
>
http://support.microsoft.com/default.aspx?scid=/servicedesks/msdn/nospam.asp
&SD=msdn
>
> This posting is provided "AS IS" with no warranties and confers no rights.
>
Relevant Pages
... Thanks Peter, the lack of the private key was the problem. ... this source) exactly the same as I have to with a self-signed certificate, ... > files(one is PVK file and the other is SFC. ...
(microsoft.public.excel.programming)
... Every *server* certificate in IIS has to ... The public key is sent when a request from a browser ... The public key is used to *decrypt* data. ... The private key is used ...
(microsoft.public.windows.server.sbs)
... I believe your book is instructing you to keep the private key secure. ... you use the certificate request wizard in IIS to install the cert after it's ... the certificate that's just been installed. ... If an attacker retrievs the SSL certificate, ...
(microsoft.public.dotnet.security)
... I believe your book is instructing you to keep the private key secure. ... you use the certificate request wizard in IIS to install the cert after it's ... the certificate that's just been installed. ... If an attacker retrievs the SSL certificate, ...
(microsoft.public.dotnet.security)
... Option that you think about uses self signed EFS certificates. ... Better then exporting user's private key as backup is to setup DRA (Data ... there is no EFS certificate and it will generate a new one. ... Mobile computer users benefit from encrypting sensitive ...
(microsoft.public.win2000.security)
