[prev in list] [next in list] [prev in thread] [next in thread]
List: ms-cryptoapi
Subject: Adding extensions to PKCS10 request
From: Sahib Aulakh <sahib_aulakh () HOTMAIL ! COM>
Date: 2001-07-31 16:26:57
[Download RAW message or body]
I am creating a PKCS10 CSR using the CryptSignAndEncodeCertificate call.
However, the signed certificate I get back from Microsoft Certificate
Services does not seem to have the proper extensions. When I try to import
the received certificate blob by CertAddEncodedCertificateToStore I get --
CRYPT_E_ASN1_EOD. "ASN1 unexpected end of data." error. It seems that the
latter call expects some extensions in the certificate and fails when it
does not find these extensions.
When I create a CSR using the Microsoft XEnroll DLL, I am able to add the
received certificate by invoking CertAddEncodedCertificateToStore. The only
difference I see among the two CSR's is that the latter has the following
extensions inside it:-
Requested Extensions:
X509v3 Key Usage: critical
Digital Signature, Non Repudiation
X509v3 Extended Key Usage:
Microsoft Individual Code Signing, Code Signing
My questions is: How do I add these extensions to the CSR that I am
generating without making use of XEnroll?
Any information on this will be appreciated.
Sahib Aulakh.
_________________________________________________________________
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp
----------------------------------------------------------------
Users Guide http://discuss.microsoft.com/archives/mailfaq.asp
contains important info. Save time, search the archives at
http://discuss.microsoft.com/archives/index.html .
To unsubscribe, mailto:CryptoAPI-signoff-request@DISCUSS.MICROSOFT.COM
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic