I'm trying to use sscep.exe (NDES/SCEP Windows Test Tool). In order to get a good enrollment, there is a README file contained in the zip file, which you can get on that website. So, the README file tells you to do this:
openssl.exe req -config scep.cnf -new -key priv.key -out test.csr
sscep.exe getca -u http://172.16.1.20/certsrv/mscep/ -c ca.crt
sscep.exe enroll -u http://172.16.1.20/certsrv/mscep/mscep.dll -k priv.key -r test.csr -l test.crt -c ca.crt-0 -e ca.crt-1
I used another URL which also works. The two first operations work perfectly, but when the third one is executed I always get this error:
sscep.exe: sending certificate request
sscep.exe: valid response from server
sscep.exe: error verifying signature
6448:error:0407006A:rsa routines:RSA_padding_check_PKCS1_type_1:block type is not 01:.\crypto\rsa\rsa_pk1.c:100:
6448:error:04067072:rsa routines:RSA_EAY_PUBLIC_DECRYPT:padding check failed:.\crypto\rsa\rsa_eay.c:639:
6448:error:21071069:PKCS7 routines:PKCS7_signatureVerify:signature failure:.\crypto\pkcs7\pk7_doit.c:868:
I've researching on the Internet and more people had my problem but some solutions are linked on webs which already don't exist anymore. Maybe someone know this error.
Thanks
