CertOpenStore: Problem opening user certificates on a remote computer

CertOpenStore: Problem opening user certificates on a remote computer
Secure Home | Search | About
Login Password
Register Now! Lost Password?
 General Computer Security    Post an article   get this group's latest topics as an RSS feed add this group's latest topics to your My MSN content add this group's latest topics to your My Yahoo content add this group's latest topics to your Google content
Subject Author Date
CertOpenStore: Problem opening user certificates on a remote computer Roh 03-16-2006
Posted by Roh on March 16, 2006, 12:18 am
If you were  Registered and logged in, you could reply and use other advanced thread options
I trying to open certificates on a remote computer using the
CertOpenStore API function. I want to read the certificates held in the
personal store for a particular user. My code works for Win NT, but for
Windows 2000 or higher, the certificate store opens but with no
certificates.

I know there are certificates in the personal certificate store for the
user I looking at, as MMC shows me them all.

I found that certificates on Windows 2000 or higher get written to
users home directory, rather than stored in the registry. But according
to MSDN this shouldn't make a difference.

If I query the personal certificate store of the user on the machine
directly I can see the certificates, but as soon as I try do it
remotely the store is empty.

Is there a bug that exists when open stores remotely on Win 2000 and
higher?

I have included a snippet of my code to open the store remotely

CertOpenStore(CERT_STORE_PROV_SYSTEM_A, 0,
NULL,
CERT_SYSTEM_STORE_USERS | CERT_STORE_READONLY_FLAG |
CERT_STORE_OPEN_EXISTING_FLAG,
"\computerName\user_SID\MY"))


Thanks for your help


Posted by Volker Birk on March 16, 2006, 1:45 am
If you were  Registered and logged in, you could reply and use other advanced thread options
> If I query the personal certificate store of the user on the machine
> directly I can see the certificates, but as soon as I try do it
> remotely the store is empty.
> Is there a bug that exists when open stores remotely on Win 2000 and
> higher?
> I have included a snippet of my code to open the store remotely
> CertOpenStore(CERT_STORE_PROV_SYSTEM_A, 0,
> NULL,
> CERT_SYSTEM_STORE_USERS | CERT_STORE_READONLY_FLAG |
> CERT_STORE_OPEN_EXISTING_FLAG,
> "\computerName\user_SID\MY"))

Did you authorize first?

Yours,
VB.
--
At first there was the word. And the word was Content-type: text/plain

Similar ThreadsPosted
Computer problem Spyware April 14, 2005, 1:33 pm
GS 14/15 Computer Forensics Job Opening in Johnstown, PA July 19, 2006, 8:20 pm
SSRT5940 rev.0 - HP-UX Mozilla remote, unauthorized user may execute privileged code April 22, 2005, 11:41 am
SSRT5940 rev.1 - HP-UX Mozilla remote, unauthorized user may execute privileged code August 9, 2005, 6:26 pm
SSRT5940 rev.2 - HP-UX Mozilla remote, unauthorized user may execute privileged code October 4, 2005, 9:55 pm
Call For Papers: WORLDCOMP'07: conferences in computer science & computer engineering, USA January 19, 2007, 4:01 am
HPSBUX02354 SSRT080113 rev.1 - HP-UX Running Netscape / Red Hat Directory Server, Remote Cross Site Scripting (XSS) or Remote Denial of Service (DoS) September 2, 2008, 8:15 am
X.509 Digital Certificates March 7, 2005, 8:56 pm
Chaining x.509 certificates April 27, 2005, 3:46 pm
Chaining x.509 certificates April 27, 2005, 3:48 pm

The site map in XML format XML site map

Contact Us | Privacy Policy