Re: AcquireCredentialshandle returns SEC_E_INTERNAL_ERROR

From: sunit (sunit_at_newsgroup.nospam)
Date: 10/08/05


Date: Sat, 8 Oct 2005 23:32:17 +0530

Rhett Gong [MSFT]

Thanx a lot

> Glad to see you have isolated your problem.
> First there is no way to convert from .key to pvk, since .key is not a
regular format as I know.
> The .pvk file is a legacy format (as you see there is no direct way to
export private key to pvk from mmc) and Microsoft recommends customers using
the pfx format
> which can hold both certificate and private key along with the certificate
chain.
>
> And if you just need a .cer and pvk pair to do test, you can use makecert
/sk option or follow these steps below:
>
> 1. If web enrollment is installed you can browse to the enrollment page on
the server with http:// server>/certsrv.
> 2. Click on the "Request a certificate" link.
> 3. Click on the "advanced certificate request" link.
> 4. Click on "Create and submit a request to this CA".
> 5. Select the "User" certificate template from the dropdown list. Click
on the "Mark key as exportable" checkbox and then the "Export keys to file".
Enter the path and
> filename of the pvk file.
> 6. On the same page click on the Submit button to send the certificate
request.
> 7. Click yes to send the certificate request.
> 8. Click yes to create the pvk file.
> 9. Enter the password for the pvk file.
> 10. When the certificate server issues the certificate click on "Download
certificate" and save to a .cer file.
>
> Please note: for the step1 above, you may need to contact the person
managing the certificate server to make sure that he has installed web
enrollment support (web
> enrollment in IIS), and you will also need to know the name of the machine
where certificate server is installed
>
>
> Thanks,
> Rhett Gong [MSFT]
> Microsoft Online Partner Support
> Get Secure! - www.microsoft.com/security
>
http://support.microsoft.com/default.aspx?scid=/servicedesks/msdn/nospam.asp
&SD=msdn
>
> This posting is provided "AS IS" with no warranties and confers no rights.
>



Relevant Pages

  • RE: Code signing a VBA macro in 2002 and 2003
    ... Thanks Peter, the lack of the private key was the problem. ... this source) exactly the same as I have to with a self-signed certificate, ... > files(one is PVK file and the other is SFC. ...
    (microsoft.public.excel.programming)
  • Re: Unable to use third-party cert after Exch Sp2 update on SBS200
    ... Every *server* certificate in IIS has to ... The public key is sent when a request from a browser ... The public key is used to *decrypt* data. ... The private key is used ...
    (microsoft.public.windows.server.sbs)
  • RE: SIMple SSL question ??
    ... I believe your book is instructing you to keep the private key secure. ... you use the certificate request wizard in IIS to install the cert after it's ... the certificate that's just been installed. ... If an attacker retrievs the SSL certificate, ...
    (microsoft.public.dotnet.security)
  • RE: SIMple SSL question ??
    ... I believe your book is instructing you to keep the private key secure. ... you use the certificate request wizard in IIS to install the cert after it's ... the certificate that's just been installed. ... If an attacker retrievs the SSL certificate, ...
    (microsoft.public.dotnet.security)
  • Re: Certificates, Keys, Mobile Users, Intended Usage
    ... Option that you think about uses self signed EFS certificates. ... Better then exporting user's private key as backup is to setup DRA (Data ... there is no EFS certificate and it will generate a new one. ... Mobile computer users benefit from encrypting sensitive ...
    (microsoft.public.win2000.security)