Dr. Andreas Greulich wrote:
>
> Hi all!
>
> This probably is a stupid question... but I am a bit tired trying to find out
> how things work on NT machines, and maybe some of you knwo an easy answer...
>
> "certmgr.exe -s My" produces the output (shortened a bit)
> ==============Certificate # 1 ==========
> v1.0 Container: 813fa804-ebc7-11d1-9e18-00805fa13dfd KeySpec: 2
Useful. From this I can see you are using the default AT_SIGNATURE flags
when the keys is created. MSIE specifically needs AT_KEYEXCHANGE or it
wont display it.
This can be done with KeySpec to 1 in the enrollment form.
The standard mandatory warning is due here: you should set GenKeyFlags
to 3 or you have any program running as the same user can silently read
the private key. With the older certenr3 you have no choice but to do
this as there is no option to increase the security level.
Steve.
--
Dr Stephen N. Henson.
UK based freelance Cryptographic Consultant. For info see homepage.
Homepage: http://www.drh-consultancy.demon.co.uk/
Email: [EMAIL PROTECTED]
PGP key: via homepage.
+-------------------------------------------------------------------------+
| Administrative requests should be sent to [EMAIL PROTECTED] |
| List service provided by Open Software Associates, http://www.osa.com/ |
+-------------------------------------------------------------------------+
