Re: Encryption > access denied after importing key with Certificate
From: Roger Abell [MVP] (mvpNOSPAM@asu.edu)
Date: 09/20/02
- Next message: Jeff Cochran: "Re: Microsoft Security Bulletin MS02-052"
- Previous message: Mike McClurg: "user manager"
- In reply to: martin: "Re: Encryption > access denied after importing key with Certificate"
- Next in thread: martin: "Re: Encryption > access denied after importing key with Certificate"
- Reply: martin: "Re: Encryption > access denied after importing key with Certificate"
- Reply: martin: "Re: Encryption > access denied after importing key with Certificate"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Roger Abell [MVP]" <mvpNOSPAM@asu.edu> Date: Fri, 20 Sep 2002 07:51:40 -0700
Use of the hisecws, or hisecdc templates does not set
the system cryptography policy away from defaults
to FIPS compliant.
Your pfx is valid, as shown by having removed the
private key and then later reimporting it within the XP.
So, that leaves an issue over at W2k or with interop.
I have seen people speak of issues exporting from a
pre-SP1 XP and moving it to W2k, and like your case
have not always chased it to the cryto algorithm.
Let us know if you have done this export from XP SP1,
and what you see if the earlier was without SP1, and then
let's see if David, Mike or another MS person picks up on
this thread
-- Roger Abell MS MVP (Security, Windows), MCDBA, MCSE both Associate Expert - Windows XP ExpertZone http://www.microsoft.com/windowsxp/expertzone "martin" <martin_26@optusnet.com.au> wrote in message news:407501c26094$ecaf1a40$3aef2ecf@TKMSFTNGXA09... > Hi Roger, > > You've pointed out some valid points,I think at the > time i was using the XP "HISECWS" security template & i > believe the win2000 Pro machine was using the default > sec' template, do u think this could have something to do > with it ? > > The steps im taking to export the PFX key along with Cer > are as follows (this is done ofcourse AFTER i have > encrypted the folder) > > Open up my mmc "Certificates" snap in > >Personal Certificates/Certificates > >Right click corresponding certificate, click all tasks & > select EXPORT > >Select option to export certificate along with Key > > Under the PCKS #12 (PFX) > > i make sure all 3 boxes have ticks in them > > Include allcert's in the certification path if possible > > Enable strong protection > > Delete the private key if the export is successful > > I then provide a password, select to save file in > floppy disk & after i review the info at the end, i > receive message saying the EXPORT was successful > > When im importing the credentials in win2000pro , im > simply doubleclicking the file in the saved 3.5 floppy & > im placing the PFX/CER in the > > Certificates- Current User \Certificates\Personal Store > > Am i maybe missing a step ? ..like i said before if im in > XP & i delete the key/certificate of the HDD i obviosuly > cant open the encrypted files & when i import the PFX/CER > back in i can then open the encrypted files :).. > > thankyou for your feedback once again Roger
- Next message: Jeff Cochran: "Re: Microsoft Security Bulletin MS02-052"
- Previous message: Mike McClurg: "user manager"
- In reply to: martin: "Re: Encryption > access denied after importing key with Certificate"
- Next in thread: martin: "Re: Encryption > access denied after importing key with Certificate"
- Reply: martin: "Re: Encryption > access denied after importing key with Certificate"
- Reply: martin: "Re: Encryption > access denied after importing key with Certificate"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
