Hi Dmitrij, thanks, but I have played a lot with various security settings and the problem is probably in redefined interface to some crypto-component which OpenCA does not reflect. I am investiating it together with Microsoft support (yes, really :-) ). They are comparing debug outputs from Vista/IE7 (where it works) with later versions.
Vista SP1 (SP1 is required to run IE8) does not work and throws the same error as Win 7. There is no difference between 32 and 64-bit versions. Tom Dmitrij Mironov-2 wrote: > > Hi there, > > To successfully generate CSR in IE8 on Vista/Win7 try this: > - Add your OpenCA RA site to Trusted sites (i.e. > "https://test-ra.domain.com"). > - Go to Security tab in Internet Options, then select Trusted sites and > click on Custom level button. > - Do this modifications: > Allow previously unused ActiveX controls to run without prompt: set > to Enable > Allow Scriptlets: set to Enable > Automatic prompting for ActiveX controls: set to Disable > Binary and Script behaviours: set to Enable > Display video and animation on a webpage that does not use external > media player: set to Disable > Download Signed ActiveX controls: set to Prompt > Download unsigned ActiveX controls: set to Prompt > Initialize and script ActiveX controls not marked as safe for > scripting: Prompt > Run ActiveX controls and plugins set to Enable > Script ActiveX controls marked safe for scripting: set to Enable > Close and reopen IE. > Hope this helps. > > Regards, > > Dmitrij > > > -----Original Message----- > From: tomaaak [mailto:tomas.ju...@anect.com] > Sent: 2011 m. kovo 11 d. 12:17 > To: openca-users@lists.sourceforge.net > Subject: [Openca-Users] Certificate request from Windows 7 and Internet > Explorer 8 > > > Hello, > > our OpenCA 1.1 works well with all combination of OSs and browsers, except > combination of Windows 7 and Internet Explorer 8. When user requests > certificate (when browser is to generate private key), it ends up with > alert > window telling to lower security to Medium-Low level (which enables > ActiveX > components to run). Deeper investigation reveals internal error: > > CertEnroll::CX509Enrollment::_CreateRequest: No such interface supported > 0x80004002 (-2147467262) > > It seems some parameter when calling a component is incorrect. > > Anyone encountered this? > > Tom > http://old.nabble.com/file/p31122889/final_error.png > -- > View this message in context: > http://old.nabble.com/Certificate-request-from-Windows-7-and-Internet-Explor > er-8-tp31122889p31122889.html > Sent from the openca-users mailing list archive at Nabble.com. > > > _______________________________________________ > Openca-Users mailing list > Openca-Users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/openca-users > > -- View this message in context: http://old.nabble.com/Certificate-request-from-Windows-7-and-Internet-Explorer-8-tp31122889p31369378.html Sent from the openca-users mailing list archive at Nabble.com. ------------------------------------------------------------------------------ Xperia(TM) PLAY It's a major breakthrough. An authentic gaming smartphone on the nation's most reliable network. And it wants your games. http://p.sf.net/sfu/verizon-sfdev _______________________________________________ Openca-Users mailing list Openca-Users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openca-users