Re: CA key pair deposition
From: D. Cross [MS] (vaq130@hotmail.com)
Date: 08/28/02
- Next message: D. Cross [MS]: "Re: Taking Ownership didn't help"
- Previous message: Jim Campau: "Re: Desk pro Windows 2000 NT logon problem"
- In reply to: paul: "CA key pair deposition"
- Next in thread: Shreeniwas Kelkar [MS]: "Re: CA key pair deposition"
- Reply: Shreeniwas Kelkar [MS]: "Re: CA key pair deposition"
- Reply: paul: "Re: CA key pair deposition"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "D. Cross [MS]" <vaq130@hotmail.com> Date: Wed, 28 Aug 2002 07:08:05 -0700
The CA runs as the SYSTEM account which implies that the keys are stored in
the machine store of the local system. You can use a HSM of course with a
third party CSP to store the keys elsewhere of couse.
keys are protected by DPAPI and are generated using CryptGenRandom
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnsecure/ht
ml/windataprotection-dpapi.asp
-- David B. Cross [MS] -- This posting is provided "AS IS" with no warranties, and confers no rights. "paul" <paul@rettersen.de> wrote in message news:94ee01c24e84$9c1d7120$35ef2ecf@TKMSFTNGXA11... hi, i´m trying to make a PKI with .NET RC1. I need it for a VPN-Solution (L2TP/IPSec). After the installation of an enterprise CA I´m trying to find out where the key pair (private and public key of the CA), which the "wizzard" generated, could be. Is there any whitepaper, which descibes how the wizzard generates keys (random, etc.) and where the keys are ? thanks a lot best regards -paul
- Next message: D. Cross [MS]: "Re: Taking Ownership didn't help"
- Previous message: Jim Campau: "Re: Desk pro Windows 2000 NT logon problem"
- In reply to: paul: "CA key pair deposition"
- Next in thread: Shreeniwas Kelkar [MS]: "Re: CA key pair deposition"
- Reply: Shreeniwas Kelkar [MS]: "Re: CA key pair deposition"
- Reply: paul: "Re: CA key pair deposition"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
