Re: Need some information about certificates



You may also want to post in the Microsoft.public.security.newsgroup. The
standard procedure is that you use a private key for signing and then the
receiver uses your public key to verify the signature but for encryption you
use an entities public key to encrypt the data and then the recipient uses
their private key to decrypt the data. Public keys are generally not secured
and freely distributed [while private keys must be secured] which would mean
in your scenario that it could be possible for someone other then the
intended recipient be able to derypt the data. That is the way that email
smine would work for secure email for instance. --- Steve


"Shawn" <bossman100@xxxxxxxxxxx> wrote in message
news:%23nYXzx8QGHA.5584@xxxxxxxxxxxxxxxxxxxxxxx
Hi.
Let me just start by saying that I have very very little experience with
certificates. That being said, let me explain what I need:
I'm creating a windows application that connects to our client's web
service. The web service is set up with WSE 2.0 and requires me to
encrypt
and sign the data I send to it. I've been told that I need a server
certificate installed on the server running my application. The
certificate
will be used to encrypt and sign the data that is being sent (using the
certificate's private key). Then we have to export our certificate with a
public key to our client so that they can use our certificate's public key
to decrypt the data. Does this sound right?

Anyway, my question is this: How do I create a request for this
certificate? I know that I can create a request for a certificate in IIS,
but it doesn't sound to me like this is the same kind of certificate that
I
would be installing if I was hosting a web site with SSL/HTTPS. After
all,
I'm not running any web applications on the server, just an application
that
needs to encrypt and sign data sent to a web service through HTTP. Am I
wrong here? Is it the same kind of certificate I have to request? Or am I
right, and if so, is there another way of creating a request?

Any help is sooooo very much appreciated!!

Thanks,
Shawn

PS. We are using Windows Server 2003




.



Relevant Pages

  • Re: RSACryptoServiceProvider decrypt with public key
    ... key/decrypt with the private key and encrypt with the private key/decrypt ... encrypt data and send it back to Alice. ... only she can decrypt Bob's data. ... see the public key and the encrypted data, but she could not decrypt Bob's ...
    (microsoft.public.dotnet.security)
  • Re: Public Encryption Key
    ... encrypt the message with the recipient's public key (or ... the two can be combined by: first do a digital signature of the ... certificate, certifying the validity of the assertion (ex: ...
    (comp.security.misc)
  • Re: Public Encryption Key
    ... encrypt the message with the recipient's public key (or ... the two can be combined by: first do a digital signature of the ... certificate, certifying the validity of the assertion (ex: ...
    (sci.crypt)
  • Re: Encryption Issue
    ... certificate from our CA(We have our own CA for the company so certificates ... understand it he should not have or need my private key to open the email. ... recipient's public key is used by the sender to encrypt the message. ...
    (microsoft.public.outlook.general)
  • Re: how to have a gpg public key?
    ... Having just a public key doesn't do you much good. ... You need both a private key and a public key; ... can encrypt and decrypt your messages and you are just ...
    (Debian-User)