0

So...following the recommendations found here, my goal is to get a code-signing certificate which uses the "Microsoft Enhanced RSA and AES Cryptographic Provider" (type 24) CSP.

Using Microsoft Management Console (mmc), and followingDigiCert's instructions, which , I'm trying to create a custom CSR with this CSP type.

My problem is that, in the 'Private Key' tab, I'm unable to select the provider I need - the checkbox is grayed-out, and below is the following message:

"The selected cryptographic service provider (CSP) cannot be used because a cryptography next generation (CNG) provider is required. Select a CNG provider and try again"

I verified the existence of this provider using 'certutil -csplist'

Any ideas?

My machine is Windows Server 2016

bavaza
  • 1
  • 1
  • 2
  • 2
    When you start the process make sure you set the template to "LEGACY KEY" instead of "CNG KEY". – Igor Oct 12 '18 at 20:38

1 Answers1

0

I faced this issue and figured out there are two places that limits the items displayed in CSP listbox

1'st Place:

enter image description here

2'nd Place:

enter image description here

Hemendr
  • 99
  • 3