Questions tagged [certenroll]

Certificate enrollment policy provides the locations of certification authorities (CAs) and the types of certificates that can be requested.

Organizations that are using Active Directory Domain Services (AD DS) can use Group Policy to provide certificate enrollment policy to domain members by using the Group Policy Management Console to configure the certificate enrollment policy settings. The Certificates snap-in can be used to configure certificate enrollment policy settings for individual client computers unless the Group Policy setting is configured to disable user-configured enrollment policy. Use the following procedures to configure certificate enrollment policy settings: Manage Certificate Enrollment Policy by Using Group Policy

Manage Certificate Enrollment Policy by Using the Certificates Snap-in

Reference.

58 questions

votes

1 answer

File not found error when creating a private key using CERTENROLLLib

System.IO.FileNotFoundException: CertEnroll::CX509PrivateKey::Create: The system cannot find the file specified. 0x80070002 (WIN32: 2) The error above is the exception thrown when I attempt to create a private key to generate a CSR using the…

asked Dec 27 '11 at 12:54

sean

11,164
8
48
56

votes

1 answer

Allowing KeyProtection for CX509PrivateKeyClass in C#

We currently have a solution to generate CA certificates using Microsoft Active Directory Certificate Services. We have an application which you can login to and you can send a request for a CA certificate. Behind the scenes this loads an iframe…

c# ssl bouncycastle ca certenroll

asked Jun 02 '20 at 10:46

Corporalis

1,032
1
9
17

votes

1 answer

Certenroll on Azure - Generating self signed certificates

I have built a creation self-signing certificates using Certenroll (CERTENROLLLib). All works locally but as soon as I deploy it to Azure I get either: Server API error: Message: CertEnroll::CX509Enrollment::_CreateRequest: Access is denied. …

c# azure self-signed x509certificate2 certenroll

asked Nov 11 '19 at 10:56

Jakub Holovsky

6,543
10
54
98

votes

1 answer

What is difference between manual installation of certificate and installation from code?

I'm working on some certificate signing tool, and my current goal is to create method, which will generate new certificate, using existing certificate as issuer. Here is method for generating certificate: public X509Certificate2…

c# ssl-certificate certenroll

asked May 10 '17 at 15:53

lentinant

votes

2 answers

Fiddler doesn't work

Fiddler almost not work for me. Seems the problem only with https. For example to open https google.com I need to wait around 40 seconds Screenshots: immediately after request after ~40 seconds Fiddler log: 18:02:46:3326 Fiddler…

fiddler makecert certenroll

asked Jan 04 '16 at 18:24

GDocal

votes

0 answers

Unable to generate a CX509PrivateKey when impersonating not logged on user

I am using a classic advapi32 based ImpersonateValidUser code. I use the user's credentials to submit a request to the CA using CertEnrollLib. I initiate the request from the private key by building a CX509PrivateKey. If the user has the profile…

c# impersonation certenroll

asked Dec 26 '15 at 12:28

zaitsman

8,984
6
47
79

votes

0 answers

Issue with Certificate enrollment API in WIndows 10

I'm trying to use CertEnroll in a website to create CSRs. It works fine on the latest versions of Internet Explorer up to IE11, except when this is running on Windows 10. I've got the CertEnroll object on my page like this:

javascript internet-explorer-11 windows-10 csr certenroll

asked Oct 20 '15 at 10:12

Micho

3,929
13
37
40

votes

2 answers

adding extensions to a certificate request ( password-challenge ) with C# and CertENrollLib

I have to add extensions to a certificate request ( CSR ) in such a way that I respect a given structure. Namely this one On the left is the structure I must respect for the chalenge password, on the right the structure I get when I simply generate …

c# smartcard certenroll

asked Jul 25 '14 at 11:56

user1211944

vote

1 answer

CertUtil: -dsPublish command FAILED: 0x800704dc (WIN32: 1244 ERROR_NOT_AUTHENTICATED)

i am trying to update the certification revocation list on a root server and want to update it on an issuing CA server. But i am facing a strange problem as below - 1. when i am trying to publish the .crl on the issuing CA using the following…

powershell pki ca certenroll

asked Jul 07 '20 at 19:53

Reese

vote

1 answer

CRYPT_E_UNEXPECTED_MSG_TYPE when creating certificate using certenroll

I am trying to create a self signed cert using certenroll, but I appear to be getting something wrong with the CSignerCertificate::Initialize as it throws an error 0x8009200a CRYPT_E_UNEXPECTED_MSG_TYPE. 'MyCustomRoot' is the name of my self signed…

c# https x509certificate x509certificate2 certenroll

asked Dec 14 '19 at 09:43

James

vote

1 answer

Cannot Request SmartCard Certs on Behalf of Users

I am creating a service to get users smartcards in a SmartCard only domain (So I can't pass the user's authentication since they haven't enrolled to smartcard so i use other authentication methods to authenticate the user) and then the user sends me…

c# .net x509certificate certificate-authority certenroll

asked Apr 11 '19 at 15:47

Igal Flegmann

vote

1 answer

CertEnroll 509PrivateKey KeyProtection password not working when using client certificate in W8 W10

We have a process where our clients sign up for X509 client certificate through CertEnroll. It works, but now one of our clients like to add one extra layer of security, so we added password to the certificate. User is asked for password when…

x509certificate certenroll

asked Mar 21 '18 at 07:42

Stefan K

vote

1 answer

Problems loading a pfx file programmatically

I am trying to create a self-signed certificate and then reading it at some point. This is the code for creating the pfx file: (source) public static void CreateSelfSignedCertificate(string subjectName) { string…

c# .net cryptography x509certificate certenroll

asked Dec 12 '17 at 11:09

iliyan tanev

vote

1 answer

Self signed certificate: Private key questions

To implement TLS encryption via SslStream i am using a self signed certificate. I am experiencing strange "no common algorithm" errors for clients connecting from an older Win2003 machine. After reading this thread i discovered the following: Those…

c# ssl x509certificate2 certenroll

asked Mar 21 '17 at 16:51

Udontknow

1,472
12
32

vote

2 answers

Unable to Install Certificate on Windows 7 using CertEnroll

We have an existing certificate issuing application (C#, ASP.NET, JavaScript) that issues certificates to Windows XP users using XenRoll in IE. I need to extend this to support Windows Vista and Windows 7 users, also using IE. For Vista and 7,…

javascript windows-7 internet-explorer-8 certificate certenroll

asked Sep 02 '10 at 14:49

Cocowalla

13,822
6
66
112

Prev 1

3 4 Next