[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ms-cryptoapi
Subject:    Help using session keys from IIS
From:       Cliff Strass <cstrass () EYEWIRE ! COM>
Date:       2000-12-20 17:55:53
[Download RAW message or body]


>From an ASP I am calling a COM object I created which uses the CRYPTOAPI to
Encrypt and Decrypt data using session keys. The first time the object is
used it creates a CSP and imports a public/private keyset, I am using the
CRYPT_MACHINE_KEYSET flag.  When encrypting or decrypting a message the
session key is read from file (as a blob) and imported using CryptImportKey.
When the web server machine is logged in as the web administrator account,
everything works fine. When the machine is logged in as another user or not
at all, the CryptImportKey is failing. GetLastError() returns NTE_BAD_KEYSET
(key does not exist).
When logged in as a different user I can encrypt and decrypt fine using my
CRYPTOAPI COM object outside of IIS (using an MFC test application I wrote).

Has anyone seen this before and can help me with this.

Thank you,
Cliff.

----------------------------------------------------------------
Users Guide http://msdn.microsoft.com/workshop/essentials/mail.asp
contains important info. Save time, search the archives at
http://discuss.microsoft.com/archives/index.html .
To unsubscribe, mailto:CryptoAPI-signoff-request@DISCUSS.MICROSOFT.COM

[prev in list] [next in list] [prev in thread] [next in thread]