
Accessing certificate services with .net

Author
5 Sep 2006 2:37 PM
Thorsten Kallweit
Hello all,

I need to retrieve a certificate from a Microsoft Certificate Services
PKI by its certificate ID and I don't know where to start.
Background:
I have signed records in a database, each record holds the id of the
certificate it has been signed with. I don't want to copy the
certificates into the database because PKI holds them all.
For the verification of a record signature I need to find the
appropriate certificate.
Has anyone a helpful link?

tia,
Thorsten

Author
5 Sep 2006 2:50 PM
Dominick Baier
Which type of CA do you have, "stand alone" or "enterprise"?

Enterprise stores the certs in Active Directory. I guess you can access them
somehow using LDAP. Joe??

Stand alone CAs don't store the certs.

---
Dominick Baier, DevelopMentor
http://www.leastprivilege.com

> Hello all,
>
> I need to retrieve a certificate from a Microsoft Certificate Services
> PKI by its certificate ID and I don't know where to start.
> background:
> I have signed records in a database, each record holds the id of the
> certificate it has been signed with. I don't want to copy the
> certificates into the database because PKI holds them all.
> For the verification of a record signature I need to find the
> appropriate certificate.
> Has anyone a helpful link?
> tia,
> Thorsten
Author
5 Sep 2006 3:02 PM
Joe Kaplan
Unfortunately I don't know anything about LDAP access to MS CAs.  The CA we
use internally is non-MS (although it does have an LDAP access model).  From
what I've seen with certs stored in AD (associated with a user), they are
typically stored as binary blobs, so you can't really search them
effectively using LDAP.  You can only retrieve them.

Joe K.

--
Joe Kaplan-MS MVP Directory Services Programming
Co-author of "The .NET Developer's Guide to Directory Services Programming"
http://www.directoryprogramming.net
--
"Dominick Baier" <dbaier@pleasepleasenospam_leastprivilege.com> wrote in
message news:4580be63134278c89f22854f2e8f@news.microsoft.com...
> Which type of CA do you have "stand alone" or "enterprise" ?
>
> Enterprise stores the certs in Active Directory. I guess you can access
> them somehow using LDAP. Joe??
>
> Stand alone CAs don't store the certs..
>
> ---
> Dominick Baier, DevelopMentor
> http://www.leastprivilege.com
>
>> Hello all,
>>
>> I need to retrieve a certificate from a Microsoft Certificate Services
>> PKI by its certificate ID and I don't know where to start.
>> background:
>> I have signed records in a database, each record holds the id of the
>> certificate it has been signed with. I don't want to copy the
>> certificates into the database because PKI holds them all.
>> For the verification of a record signature I need to find the
>> appropriate certificate.
>> Has anyone a helpful link?
>> tia,
>> Thorsten
>
>
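
Added example, not part of the original thread or written by any of its participants: one way to do the retrieve-then-match lookup Joe Kaplan describes, pulling the certificate blobs for one account from AD and comparing them locally. It assumes the certificates are published in the account's `userCertificate` attribute, that the signed record also names the owning account, and that the "certificate ID" is a SHA-1 thumbprint; `AdCertLookup`, `FindByThumbprint` and `EscapeFilterValue` are hypothetical names.

```csharp
using System;
using System.DirectoryServices;
using System.Security.Cryptography.X509Certificates;
using System.Text;

static class AdCertLookup   // hypothetical helper, not from the thread
{
    // Assumption: the caller knows which account the certificate was issued to
    // and identifies the certificate by its SHA-1 thumbprint (hex string).
    public static X509Certificate2 FindByThumbprint(string samAccountName, string thumbprint)
    {
        string wanted = thumbprint.Replace(" ", "").ToUpperInvariant();
        using (DirectorySearcher searcher = new DirectorySearcher())  // current domain
        {
            searcher.Filter = "(&(objectCategory=person)(sAMAccountName="
                              + EscapeFilterValue(samAccountName) + "))";
            searcher.PropertiesToLoad.Add("userCertificate");
            SearchResult user = searcher.FindOne();
            if (user == null || !user.Properties.Contains("userCertificate"))
                return null;

            // Each value is one DER-encoded certificate. As the thread notes, the
            // blobs cannot be searched effectively via LDAP, so parse each value
            // and compare locally.
            foreach (object value in user.Properties["userCertificate"])
            {
                X509Certificate2 cert = new X509Certificate2((byte[])value);
                if (cert.Thumbprint == wanted)
                    return cert;
            }
        }
        return null;
    }

    // RFC 4515 escaping so the account name cannot alter the search filter.
    static string EscapeFilterValue(string value)
    {
        StringBuilder sb = new StringBuilder();
        foreach (char c in value)
        {
            if (c == '\\' || c == '*' || c == '(' || c == ')' || c == '\0')
                sb.Append('\\').Append(((int)c).ToString("x2"));
            else
                sb.Append(c);
        }
        return sb.ToString();
    }
}
```

A match only locates the certificate; its chain and revocation status still have to be checked before a signature made with it is accepted.
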
Author
5 Sep 2006 4:04 PM
Thorsten Kallweit
We use an enterprise CA embedded in our AD.
I think it will be much faster and more comfortable to copy the
certificates into my database than searching one using LDAP.
Once loaded from the database verification is easily done by CAPICOM.
Thanks for your answers!
Thorsten


Joe Kaplan wrote:
> Unfortunately I don't know anything about LDAP access to MS CAs.  The CA we
> use internally is non-MS (although it does have an LDAP access model).  From
> what I've seen with certs stored in AD (associated with a user), they are
> typically stored as binary blobs, so you can't really search them
> effectively using LDAP.  You can only retrieve them.
>
> Joe K.
>