Windows 2003 CA bug?
From: Scott Shorter (shorter_at_rocketmail.com)
Date: 09/04/03
- Next message: Karl Levinson [x y] mvp: "Re: Now wait just a dab non minute - this is getting out of hand"
- Previous message: rob: "Home network setup"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: 4 Sep 2003 10:27:45 -0700
I'm encountering a problem attempting to import a key pair to use as
my standalone subordinate CA key. The following steps describe the
sequence I follow and the problem I encounter:
1. Add/Remove Programs -> Add/Remove Windows Components
2. Click "Certificate Services" checkbox, and click "Yes" to the
warning box.
3. Click Next
4. Select "Stand-alone subordinate CA" and "Use custom settings to
generate the key pair and certificate"
5. Click Next
6. Click Import...
7. Select a PKCS12 file or a PFX file containing an RSA private key
and certificate. Enter the appropriate password to unlock the private
key.
8. (If you've done this step before, click Yes to the question about
overwriting the key and certificate)
9. Click Next.
10. Look at the Subject DN from the certificate you imported in step
7.
11. Click Next.
12. Error dialog box comes up, saying "The key 'keyname' is either
corrupted or cannot be used for signing. Select another key. Keyset
does not exist 0x80090016 (-2146893082)"
This error occurs whether I use an OpenSSL generated PKCS#12 file or a
Windows created PFX file.
Am I doing something wrong, or is there a bug in the import function?
-- Scott Shorter Orion Security Solutions sshorter (at) orionsec (dot) com
- Next message: Karl Levinson [x y] mvp: "Re: Now wait just a dab non minute - this is getting out of hand"
- Previous message: rob: "Home network setup"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
