To answer my own question, (and if anyone else is interested in) the Mailing
List for Crypto API, please look at the announcement at:
http://www.inet-one.com/cypherpunks/dir.1996.04.18-1996.04.24/msg00131.html
I found this through a Google search just now.
Regards,
Sandipan
----- Original Message -----
From: "Sandipan Gangopadhyay" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, March 28, 2001 12:57 PM
Subject: Re: XEnroll.AcceptPKCS7 returns error 0x80092004 on MS IE 5.5
> Does anyone know the address of the Microsoft CryptoAPI mailing list ?
>
> Unless I am mistaken, CEnroll matches the certificate PKCS7 with the
request
> (and related private key) before it accepts it. Like Greg says.
>
> This is essential because PKCS7 does not carry the private key. By itself,
> its contents are only fit for the Other People section, and not Personal
> Certificates section (that requires private keys to be present as well.)
>
> In other words, whereas PKCS12 will allow the key pair and certificate to
be
> installed in one shot, with CEnroll, you have to use createPKCS10 to
> generate keypair and then create request in PKCS10. This ONLY has the
public
> key.
>
> The signed public key in PKCS7 is then installed on the PC by CEnroll by
> matching it with the keypair it generated. In other words with CEnroll and
> PKCS10 and PKCS7, the private key never leaves the PC. Which makes sense.
>
> I would like to know if my view in this is not correct.
>
> Regards,
>
> Sandipan
> ----- Original Message -----
> From: "Greg Stark" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Tuesday, March 27, 2001 8:17 PM
> Subject: Re: XEnroll.AcceptPKCS7 returns error 0x80092004 on MS IE 5.5
>
>
> > This question should be asked in the Microsoft CryptoAPI mailing list.
I'm
> > not surprised by the error since there is no certificate request to
match
> up
> > against in the REQUEST store. I scanned the CEnroll stuff and couldn't
> > figure out how to do what you want.
> >
> > >From WinError.h in the Platform SDK
> > //
> > // MessageId: CRYPT_E_NOT_FOUND
> > //
> > // MessageText:
> > //
> > // Cannot find object or property.
> > //
> > #define CRYPT_E_NOT_FOUND _HRESULT_TYPEDEF_(0x80092004L)
> >
> > _____________________________________
> > Greg Stark
> > Ethentica, Inc.
> > [EMAIL PROTECTED]
> > _____________________________________
> >
> >
> >
> > ----- Original Message -----
> > From: "Roland Dirlewanger" <[EMAIL PROTECTED]>
> > To: <[EMAIL PROTECTED]>
> > Sent: Tuesday, March 27, 2001 2:29 AM
> > Subject: XEnroll.AcceptPKCS7 returns error 0x80092004 on MS IE 5.5
> >
> >
> > >
> > > I started one year ago to distribute personnal certificates in our
> > > organization. For the initial certificate, the format used was PKCS12.
> > > Recently, I had to renew the certificates.
> > >
> > > As advised in previous threads on this list, I wanted to use the
Xenroll
> > > mechanism with MSIE 5.5. In the following script, the call to
> > > Enroll.AcceptPKCS7 returns err.Number=0x80092004, but err.Description
is
> > > not set. I can't get any information on this error code from
Microsoft's
> > > Knowledge base.
> > >
> > > Note that replacing Enroll.AcceptPKCS7 by Enroll.InstallPKCS7 works
but
> > > installs the certificate in the 'Other People' section. The existing
> > > certificate in the 'Personnal' section is not updated.
> > >
> > > Could someone tell me what I'm doing wrong ?
> > >
> > > Thanks a lot in advance.
> > >
> > > Here is the VB code I use to install personnal certificates :
> > >
> > > <OBJECT CLASSID="clsid:43F8F289-7A20-11D0-8F06-00C04FC295E1"
> > > CODEBASE="xenroll.dll"
> > > ID=Enroll>
> > > </OBJECT>
> > >
> > > <SCRIPT LANGUAGE="VBSCRIPT">
> > > Sub InstallCert
> > >
> > > On Error Resume Next
> > >
> > > '"cert" is the result of the following command :
> > > 'openssl crl2pkcs7 -nocrl -certifile mycert.pem -in mycert.pem
> > >
> > > cert = "" & _
> > >
"MIIKVwYJKoZIhvcNAQcCoIIKSDCCCkQCAQExADALBgkqhkiG9w0BBwGgggosMIIE"
> > > & _
> > > ...
> > > "gLR6uDkmRYwBMQA=" & _
> > > ""
> > >
> > > Call Enroll.AcceptPKCS7(cert)
> > >
> > > --
> > > Roland Dirlewanger
> > > CNRS - Delegation Aquitaine et Poitou-Charentes
> > > Esplanade des Arts et Metiers
> > > 33402 TALENCE CEDEX
> > >
> > > Mel : [EMAIL PROTECTED], Tel : 05.57.35.58.52, Fax : 05.57.35.58.01
> > > ______________________________________________________________________
> > > OpenSSL Project http://www.openssl.org
> > > User Support Mailing List [EMAIL PROTECTED]
> > > Automated List Manager [EMAIL PROTECTED]
> >
> > ______________________________________________________________________
> > OpenSSL Project http://www.openssl.org
> > User Support Mailing List [EMAIL PROTECTED]
> > Automated List Manager [EMAIL PROTECTED]
> >
>
> ______________________________________________________________________
> OpenSSL Project http://www.openssl.org
> User Support Mailing List [EMAIL PROTECTED]
> Automated List Manager [EMAIL PROTECTED]
>
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
