Home | Contact Us | FAQ | Search & Site Map | Link to Us
Sign In | Join | Other 45 Sites in Network
HomeAnnouncementsFree MagazinesWhite PapersSubmit Content
Discussion GroupsASP.NETWindows FormsLanguages.NET FrameworkVisual Studio.NET
Articles.NET FrameworkASP.NETToolsWindows Forms
.NET DirectoryOpen Source ProjectsUser GroupsWeb Resources
Related Topics
Visual Basic 6SQL ServerMS AccessOther DB ProductsMS Server ProductsMore Topics ...
.NET Forum / ASP.NET / Web Services / November 2004

Tip: Looking for answers? Try searching our database.

Cannot create a test X.509 Digital Certificate for WSE 2.0 SP1

Thread view: 
Enable EMail Alerts  Start New Thread
Thread rating: 
nid - 24 Nov 2004 19:29 GMT
I have code that using the X.506 Digital Certificates uses the X.509
certificates that are distributed with WSE 2.0 SP1 (Server Private.pfx,
etc..). The code works perfectly when using the certificates that are
distributed with WSE 2.0 SP1.

When I try to use my own generated test certificates I get errors such as
"Bad Key".

I have tried different variations of test certificate generation without too
much success. The following is one scenario that I have used:

These are the tools required.

* makecert.exe
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/cptools/html/cp
grfcertificatecreationtoolmakecertexe.asp

* cert2spc.exe

* pvkimprt.exe http://office.microsoft.com/downloads/2000/pvkimprt.aspx 

Here are the steps:

1. First, use makecert.exe to create the *.cer file and the *.pvk file
> makecert -n "CN=MyCoolCert" -sv MyCoolCert.pvk MyCoolCert.cer

2. Next, use cert2spc.exe (also ships with the VS.NET SDK) to convert the
*.cer file to an *.spc file
> cert2spc MyCoolCert.cer MyCoolCert.spc
3. Finally, use pvkimprt.exe to create a *.pfx file from the previously
created *.spc and *.pvk files.
> pvkimprt -PFX MyCoolCert.spc MyCoolCert.pvk

I have tried to use makecert.exe by itself as well. Perhaps I am missing
something.

What I am looking for is if anyone has been successful in making certificate
with a private key that works properly with WSE 2.0 SP1. If so, could you
please reply with specifically what you did in order to generated and import
the certificate.

Thanks in advance....
Reply to this Message
nid - 24 Nov 2004 20:09 GMT
I found my answer I hope other people find this useful.

> makecert -n "CN=MyCoolCert" -sv MyCoolCert.pvk MyCoolCert.cer

I needed to add the following option to the command line. I believe it is
the option that allows this certificate to be used for encryption:

-sky exchange

Anyway.. I hope someone else find this information useful.

> I have code that using the X.506 Digital Certificates uses the X.509
> certificates that are distributed with WSE 2.0 SP1 (Server Private.pfx,
[quoted text clipped - 37 lines]
>
> Thanks in advance....
Reply to this Message
Martin Kulov - 27 Nov 2004 00:45 GMT
Hello nid,

Thanks for sharing this. I found this in markcert extended options:

-sky <keytype>      Subject key type
                      <signature|exchange|<integer>>.

What does these "signature|exchange|<integer>" mean?

Martin Kulov
www.codeattest.com
Reply to this Message

Free Magazines

Get these publications absolutely FREE for up to 12 months. There are no hidden fees and no obligation. Simply choose a title, complete the application form and submit it. Read more ...

Oracle MagazineNetwork ComputingComputer WorldBio-IT WorldeWeekInformation WeekInfosecurity
 
Sign In
Join
My Latest Posts
My Monitored Threads
My Blog
My Photo Gallery
My Profile
My Homepage
Start New Thread
Enable EMail Alerts
Rate this Thread



©2008 Advenet LLC   Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.