Re: CA key pair deposition

From: paul (paul@rettersen.de)
Date: 08/30/02 

From: "paul" <paul@rettersen.de>
Date: Fri, 30 Aug 2002 05:45:20 -0700

Hi David,

thanks for your posting.
I will check the C:\Doc... directory on Monday, but there
may be only the Certificate ... the CA-Certificate is in
the "Root" Directory of the C - HardDisk.
But I´m looking for the Public and Private Key of the CA !
Do you know which regKey (if it is one) may it be ?

thanks a lot
best regards
-paul

>-----Original Message-----
>example: C:\Documents and Settings\dcross\Application
>Data\Microsoft\SystemCertificates\My
>
>
>--
>
>David B. Cross [MS]
>
>--
>This posting is provided "AS IS" with no warranties, and
confers no rights.
>
>"paul" <paul@rettersen.de> wrote in message
>news:bcb801c24f78$9d4cc880$9ae62ecf@tkmsftngxa02...
>Hi,
>
>thanks a lot for your postings and the link about DPAPI.
>But which regKeys, are the private and public key ? okay,
>they are protected by DPAPI - but is there any
>encrypted "thing" in the registry ? and where :)
>
>thanks
>-paul
>
>>-----Original Message-----
>>The CA runs as the SYSTEM account which implies that the
>keys are stored in
>>the machine store of the local system. You can use a HSM
>of course with a
>>third party CSP to store the keys elsewhere of couse.
>>
>>keys are protected by DPAPI and are generated using
>CryptGenRandom
>>
>>http://msdn.microsoft.com/library/default.asp?
>url=/library/en-us/dnsecure/ht
>>ml/windataprotection-dpapi.asp
>>
>>--
>>
>>David B. Cross [MS]
>>
>>--
>>This posting is provided "AS IS" with no warranties, and
>confers no rights.
>>
>>"paul" <paul@rettersen.de> wrote in message
>>news:94ee01c24e84$9c1d7120$35ef2ecf@TKMSFTNGXA11...
>>hi,
>>
>>i´m trying to make a PKI with .NET RC1. I need it for a
>>VPN-Solution (L2TP/IPSec).
>>After the installation of an enterprise CA I´m trying to
>>find out where the key pair (private and public key of
>>the CA), which the "wizzard" generated, could be.
>>
>>Is there any whitepaper, which descibes how the wizzard
>>generates keys (random, etc.) and where the keys are ?
>>
>>thanks a lot
>>best regards
>>-paul
>>
>>
>>.
>>
>
>
>.
>

Relevant Pages

  • Re: Damsel in distress!
    ... I love the title to this posting. ... with any DDL and are not writting in SQL ... Please post DDL, so that people do not have to guess what the keys, ...
    (microsoft.public.sqlserver.programming)
  • Re: Validation Fail, VLK, sysprepd to OEM key on bottom of laptop.
    ... I don't think I'd want to be a customer of his after posting the keys. ... David H. Lipman wrote: ...
    (microsoft.public.windowsupdate)
  • Re: Partition HD in XP and Win 98
    ... why are you posting a response when... ... maybe you're just being a dick to someone who has a ...
    (microsoft.public.windowsxp.basics)
  • Re: Ctrl P and Ctrl F Not working, also XP COAs For sale
    ... Essex Laptops - Andy Usher wrote: ... I have googled for this before posting. ... Its so frustrating. ... if you used to short cut key's but 2 keys at ...
    (uk.adverts.computer)
  • Re: certificate revocation doesnt work
    ... If you want to archive your encryption keys, ... This posting is provided "AS IS" with no warranties, and confers no rights. ... >>> Why isn't this kept in AD so when a user loogs in the cert is marked ...
    (microsoft.public.win2000.security)