0

I need to submit a PKCS#10 certificate request to a certificate authority who is outside my domain. This article in MSDN shows a way to submit certificate requests within a network using ICertRequest2 COM object.

hr = CertRequest->Submit( CR_IN_ENCODEANY | CR_IN_FORMATANY, RequestStr,
                          AttributesStr, CAName, &Disp );

where

BSTR CAName = SysAllocString( L"COMPUTERNAME\\CA Name" );

My question is how do i submit my request progrmatically from the client who is outside the Domain.

I don't want to use the Microsoft web enrollment pages, as this needs to be a automated process.

My CA is 2003 Enterprise and client is XP SP3.

Any ideas please?

Thanks

Raj
  • 1,113
  • 1
  • 17
  • 34
  • You could copy the file to a domain member computer (or even the CA), and run a program from there... – Borealid Aug 02 '10 at 21:18
  • @borelid This is something(a webservice) which, i will be doing finally, if there is no other option/established approach. – Raj Aug 03 '10 at 08:48

1 Answers1

0

In general, this can be done in few ways

  1. Manually with some audit procedures between the CA and the participating entity/user

  2. Semi automatically using the MS windows provided web URL/enrolment page, certsrv

  3. Write your own solution, say, a web service to liaise between user and the CA

Raj
  • 1,113
  • 1
  • 17
  • 34