[prev in list] [next in list] [prev in thread] [next in thread]
List: ms-cryptoapi
Subject: Re: iisca and sp4
From: John Banes <jbanes () MICROSOFT ! COM>
Date: 1999-02-18 19:30:10
[Download RAW message or body]
IIS stores its trusted roots in the local machine "Trusted Root
Certification Authorities" certificate store. Programatically, this is known
as the local machine "ROOT" certificate store. After adding certificate to
this store, it is necessary to restart the iisadmin service (inetinfo.exe
process), or reboot the machine.
-----Original Message-----
From: Mark Ciccarello [mailto:mciccare@ROMULUS.NCSC.MIL]
Sent: Thursday, February 18, 1999 10:49 AM
To: CryptoAPI@DISCUSS.MICROSOFT.COM
Subject: Re: iisca and sp4
Any further experiences with this ?
I have not been able to incorporate a CA into the list
that IIS (4.0 on NT 4.0 / SP4 / 128 bit) uses.
Neither the execution of iisca.exe nor the importation of the
CA certificate into Trusted CA Authorities/ LocalMachine via
the wizard, as prescribed in the knowledge base article, proved effective.
Presumably, the CA certificate can be added to the appropriate
certificate store programmatically via the CryptoAPI.
Which Certificate Store - exactly - is IIS using ?
Thanks,
Mark Ciccarello
On Fri, 13 Nov 1998 09:38:11 -0800, Nikhil G. Daddikar <ngd@UNITEDWEBS.COM>
wrote:
>I had a similar problem. But then I followed the instructions given in:
>http://support.microsoft.com/support/kb/articles/q194/5/07.asp?FR=0
>
>NOTE: I still had to run IISCA (maybe because I have 128 bit sp4)
>
>-----Original Message-----
>From: Mads Toftum <mads@TOFTUM.DK>
>To: CryptoAPI@DISCUSS.MICROSOFT.COM <CryptoAPI@DISCUSS.MICROSOFT.COM>
>Date: Friday, November 13, 1998 6:23 AM
>Subject: iisca and sp4
>
>
>>Hello all,
>>
>>I used to be able to transfer trusted Certifiying Authorities
>>from IE to IIS by using the iisca util in \winnt\system32\inetsrv
>>but on machines with Sp4 I'm getting nowhere. The iisca util says
>>List of valid Certifiying Authorities ( CA ) successfuly transferred to
IIS
>>but the CA never appears on the list that I can use to make client
>>certificate based access control.
>>Any ideas?
>>
>>The setup: NT4 sp4 + Option Pack (IIS4) set to require client
certificates.
>>works like a charm on a similar machine with sp3
>>
>>BTW: Does anyone know of a way to change the crl distribution point for a
>>CA? Or perhaps an isapi filter to make my own crl check on incoming certs.
>>
>>vh
>>
>>Mads Toftum, QDPH
>>---
>>QOTD:
>>"I used to be an idealist, but I got mugged by reality."
>>
>>----------------------------------------------------------------
>>Users Guide http://www.microsoft.com/workshop/essentials/mail.asp
>>contains important info including how to unsubscribe. Save time, search
>>the archives at http://discuss.microsoft.com/archives/index.html
>>
>
>BEGIN:VCARD
>VERSION:2.1
>N:Daddikar;Nikhil;G
>FN:Nikhil G Daddikar
>ORG:United Webs, Inc.
>ADR;WORK;ENCODING=QUOTED-PRINTABLE:;(650) 842-8427;3400 Hillview
Ave
Bldg. 5;Palo Alto;California;94304;US>A
>LABEL;WORK;ENCODING=QUOTED-PRINTABLE:(650) 842-8427
3400 Hillview
Ave
Bldg. 5
Palo Alto, Californi>a 94304
USA
>EMAIL;PREF;INTERNET:ngd@unitedwebs.com
>REV:19981113T173811Z
>END:VCARD
>
----------------------------------------------------------------
Users Guide http://www.microsoft.com/workshop/essentials/mail.asp
contains important info including how to unsubscribe. Save time, search
the archives at http://discuss.microsoft.com/archives/index.html
----------------------------------------------------------------
Users Guide http://www.microsoft.com/workshop/essentials/mail.asp
contains important info including how to unsubscribe. Save time, search
the archives at http://discuss.microsoft.com/archives/index.html
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic