Hi, Have a question. Is this the Windows native store for CA certificates ? Which MS help doc. are you referring ? We want a secure storage facility for all our certificates but we don't to buy a separate product.
Thanks, Mohan On Wed, Sep 8, 2010 at 5:10 AM, Dongsheng Song <dongsheng.s...@gmail.com> wrote: > Are you test with 2008/win7 ? > > My self-signed certificate can automatically goto 'Trusted Root > Certification Authorities' > on XP/2k3 box, but not 2008 box. > > If the answer is 'YES', could you share the configuration ? > > Because I compared my self-signed certificate with microsoft 2010 ROOT CA, > no valuable > difference. > > Thanks, > Dongsheng > > On Wed, Sep 8, 2010 at 01:59, Jakob Bohm <jb-open...@wisemo.com> wrote: >> >> On 07-09-2010 09:59, Dongsheng Song wrote: >>> >>> Hi, >>> >>> When I install my self-signed certificate to 'Certificate Store' of >>> Windows 2008, >>> if I select 'Automatically select the certificate store based on the >>> type of certificate', >>> then the self-signed certificate will be in the 'Intermediate >>> Certification Authorities', >>> not 'Trusted Root Certification Authorities'. >>> >>> How can I create self-signed certificate with correct certificate TYPE ? >>> >>> Regards, >>> Dongsheng >> >> Note that this did NOT happen with the self-signed CA root cert that I >> created with openssl (via a GUI front end) for our internal network CA. >> (Used for such boring tasks as SSL certificates for domain controllers >> etc.). >> >> It has the following attributes (anonymised here): >> >> Certificate: >> Data: >> Version: 3 (0x2) >> Serial Number: >> f8:dd:1a:38:49:01:61:a4 >> Signature Algorithm: sha1WithRSAEncryption >> Issuer: C=XX, L=Somecity, O=OurCompany, CN=OurCompany Inc. >> Validity >> Not Before: Apr 19 18:41:02 2010 GMT >> Not After : Apr 16 18:41:02 2020 GMT >> Subject: C=XX, L=Somecity, O=OurCompany, CN=OurCompany Inc. >> Subject Public Key Info: >> Public Key Algorithm: rsaEncryption >> RSA Public Key: (4096 bit) >> Modulus (4096 bit): >> (Omitted) >> Exponent: 65537 (0x10001) >> X509v3 extensions: >> X509v3 Subject Key Identifier: >> 9E:37:BE:96:A4:55:F4:B9:6A:27:85:0F:F8:A2:6F:EE:E4:3D:B4:35 >> X509v3 Authority Key Identifier: >> >> keyid:9E:37:BE:96:A4:55:F4:B9:6A:27:85:0F:F8:A2:6F:EE:E4:3D:B4:35 >> DirName:/C=XX/L=Somecity/O=OurComapany/CN=OurCompany Inc. >> serial:F8:DD:1A:38:49:01:61:A4 >> >> X509v3 Basic Constraints: critical >> CA:TRUE >> Netscape Cert Type: >> SSL CA, S/MIME CA, Object Signing CA >> X509v3 Issuer Alternative Name: >> <EMPTY> >> >> Netscape Comment: >> WiseMo Internal CA >> Netscape CA Revocation Url: >> https://SomeInternalServer/somename.crl >> Netscape Revocation Url: >> https://SomeInternalServer/somename.crl >> X509v3 Key Usage: critical >> Certificate Sign, CRL Sign >> Signature Algorithm: sha1WithRSAEncryption >> (omitted) >> >> ______________________________________________________________________ >> OpenSSL Project http://www.openssl.org >> User Support Mailing List openssl-us...@openssl.org >> Automated List Manager majord...@openssl.org > > ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org