OpenSSL Users: >Hello Sergio, > >> From: Sergio Rabellino <[EMAIL PROTECTED]> >> ... >> Anyone knows how to import a 1024 bit cert into IIS ?(I prefer >> Apache/Unix, but my principal want IIS/NT support also... :-(( ) > >I don't know how to import 1024 bit certs into IIS, but you can >generate a CSR (1024 bit RSA) using NON domestic IIS4. > >If you are using SP3 you need a special schannel.dll, >Do you need it? I can send it to you. > >If you are using SP4 you don't need any special stuff. > >The basic steps are: >------------------------- > >Run RegEdit.exe > >Open (click on the + next to) HKEY_LOCAL_MACHINE, the go to the >following subkey: > > System\CurrentControlSet\Control\SecurityProviders > >Select SCHANNEL. > >On the Edit menu, select New, then choose DWord Value. A new value appears >in the right-hand pane. > >If necessary, right click on the new item and choose Rename from the >context >menu. >Type EnableSGC and press ENTER. > >Right click on EnableSGC and choose Modify. The Edit DWord Value dialog >appears. > >Type 1 (one) and click OK. > >Click Registry, then Exit to end the Registry Editor. > >This change will take effect when you next start Windows NT. > >Now you can generate CSRs of 512, 768, 1024 bits len, >a 1024 bits key doesn't mean domestic encryption (you know it). > > >> >> Ps. Where you found this trick about the usage of the physical stores ? >> > >It was found at http://support.microsoft.com/support but I don't remember >the exactly URL, sorry... > > >Ciao, >Miguel The URL where you can found this information is: http://www.microsoft.com/security/tech/sgc/EnableAGC.asp bye. Rafa
BEGIN:VCARD FN:Rafael Calzada Pradas EMAIL;INTERNET:[EMAIL PROTECTED] N:Calzada Pradas;Rafael;;;Rafael END:VCARD