|
Posted by =?Utf-8?B?RG90Y29t?= on November 22, 2005, 4:39 am
If you were Registered and logged in, you could reply and use other advanced thread options
Hi,
This question is about key archival as described at
http://www.microsoft.com/technet/prodtechnol/windowsserver2003/technologies/security/kyacws03.mspx#EIAA.
I have set up a certificate template that has Key Archival enabled. I have
also installed the CA Exchange template on the CA, and set Full Control
permissions on both templates for the user that is requesting a certificate
with key archival.
My VB.NET application uses the enrollment control xenroll.dll to submit the
certificate request following the model suggested in
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/seccrypto/security/requesting_a_key_archival_certificate.asp.
However, my app fails with an "Access Denied" (0x80070005) error when it
calls the GetCACertificate() method.
This happens whether or not I have enhanced the request by specifying the
key archival template and adding other relevant attributes (I examined the
code in the CA web client asp pages as a model for this).
Can anyone suggest what I am doing wrong?
--
Paul Taylor
Dotcom Software Solutions
www.dotcomsoftwaresolutions.co.uk
| 
XML site map