Right
pkcs7 = result.header.pkcs7ChainBase64
is all native to our installation and how we get the cert back from the CA
so you should have
pkcsa7 =< wherever or however you get your cert >
| Mark Liu <[EMAIL PROTECTED]>
Sent by: [EMAIL PROTECTED] 02/27/03 09:25 AM
|
To: [EMAIL PROTECTED] cc: Subject: Re: Importing PKCS7 Certificate Into Internet Explorer |
Thanks a lot, Mark,
I actually read that MSDN description of acceptPKCS7
function, which does not say what "result" is.
Do you mean that "result" is actually a reserved key
word in VBScript that refers to an HTTP response?
In other words, "result" is not the name of a hidden
HTML form?
Thanks.
Mark
--- [EMAIL PROTECTED] wrote:
> ----- Forwarded by Mark Shoneman/DLX Guest on
> 02/27/03 06:36 AM -----
>
>
> Mark Liu <[EMAIL PROTECTED]>
> Sent by: [EMAIL PROTECTED]
> 02/26/03 06:07 PM
> Please respond to openssl-users
>
>
> To: [EMAIL PROTECTED]
> cc:
> Subject: Importing PKCS7 Certificate
> Into Internet Explorer
>
>
> Mr. Mark Shoneman gave a fragment of VBScript code
> to
> import a PKCS7 certificate into Internet Explorer.
>
> The code is pasted below.
>
> I am very dumb at VBScript, and have difficulty
> understanding line 5, i.e.,
>
> pkcs7 = result.header.pkcs7ChainBase64
>
> Question 1: What object is the "result"?
>
> See below
>
> Question 2: Does this line suggest that the PEM
> certificate is returned to the client in the HTTP
> response header?
>
> You bet
>
> Question 3: What is pkcs7ChainBase64?
>
> What I call the PEM certificate returned from the CA
>
> The acceptPKCS7 method accepts and processes a PKCS
> #7 message containing a certificate.
> The PKCS #7 is input as a parameter. This method was
> first defined in the ICEnroll interface.
> HRESULT acceptPKCS7(
> BSTR PKCS7
> );
> Parameters
> PKCS7
> [in] Represents the base64-encoded PKCS #7
> containing the certificate and
> the chain of certificates identifying the issuer.
> Return Values
> The return value is an HRESULT. A value of S_OK
> indicates success. Upon successful completion of
> this
> function, the PKCS7 will be accepted.
> Remarks
> The PKCS #7 input as a parameter for acceptPKCS7
> contains the request certificate and the chain of
> certificates
> identifying the issuer of the certificate.
> Typically, but not always, the
> chain of certificates does not include the root. The
> PKCS #7 can be in
> base64-encoded, binary, or X.509 certificate format
> (with or without the begin cert / end cert tags).
> The certificate and the associated keys generated
> for it are put in the
> MY store. A root certificate is placed in the ROOT
> store and the rest of the chain of certificates are
> placed in the certification authority (CA) store. If
> any ROOT certificates found in the PKCS #7 are
> accepted,
> Crypt32 will notify the user that a ROOT certificate
> is being added to his
> store. The user has the option of declining the ROOT
> certificate. This
> option is provided so that the user can decline to
> place an untrusted root
> in the ROOT store. Declining to place the ROOT in
> the ROOT store will not
> cause Certificate Enrollment Control to fail
> acceptance.
> By default, the system stores MY, CA, ROOT, and
> REQUEST are used to store
> the certificates. However, you can specify other
> stores by assigning the
> following properties before calling this method:
>
>
> Please kindly educate me. Thanks a lot.
>
> <MrMarkShoneMan'sVBScriptCode>
>
> 1. Sub ImportCertificate
>
> 2. Dim pkcs7
>
> 3. On Error Resume Next
>
> 4. 'Convert the PEM cert to PKCS7 format
> 5. pkcs7 = result.header.pkcs7ChainBase64
> 6. If (IsEmpty(pkcs7) OR theError <> 0) Then
> 7. ret = MsgBox("Could not convert
> certificate
> to PKCS7 format", 0, "Import Cert")
> 8. Exit Sub
> 9. End If
>
> 10. 'Import the PKCS7 object
> 11. Enroll.DeleteRequestCert = FALSE
> 12. Enroll.WriteCertToCSP = true
> 13. Enroll.acceptPKCS7(pkcs7)
> 14. if err.number <> 0 then
> 15. Enroll.WriteCertToCSP = false
> 16. end if
> 17. err.clear
> 18. Enroll.acceptPKCS7(pkcs7)
> 19. if err.number = 0 then
> 20. MsgBox "Certificate has been successfully
> imported.",0,"Certificate Success"
> 21. else
> 22. sz = "Error in acceptPKCS7. Error Number "
> &
> Hex(err.number) & "occurred."
> 23. MsgBox sz
> 24. end if
>
> 25. Exit Sub
>
> 26. End Sub
>
> 27. ImportCertificate()
>
> </MrMarkShoneMan'sVBScriptCode>
>
> __________________________________________________
> Do you Yahoo!?
> Yahoo! Tax Center - forms, calculators, tips, more
> http://taxes.yahoo.com/
>
______________________________________________________________________
> OpenSSL Project
> http://www.openssl.org
> User Support Mailing List
> [EMAIL PROTECTED]
> Automated List Manager
> [EMAIL PROTECTED]
>
>
> ATTACHMENT part 2 application/x-pkcs7-signature
name=smime.p7s
__________________________________________________
Do you Yahoo!?
Yahoo! Tax Center - forms, calculators, tips, more
http://taxes.yahoo.com/
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
smime.p7s
Description: S/MIME Cryptographic Signature
