|
Posted by =?Utf-8?B?U2Ftbw==?= on April 6, 2006, 5:40 am
If you were Registered and logged in, you could reply and use other advanced thread options
I found the following after some research:
There is a folder in the user profile which contains files named like
"A49B48935FDB42A0A2728D5D34FF429A9FF9455D"
This folder store the Thumbprint of personal certificates and the file name
is exactly the thumbprint value of the certificates.
Profile Location is: %Systemroot%\Documents and
Settings\%username%\Application
Data\Microsoft\SystemCertificates\My\Certificates
Checking certificates details (both private and public keys) I found that
this is the Thumbprint value "a4 9b 48 93 5f db 42 a0 a2 72 8d 5d 34 ff 42 9a
9f f9 45 5d"
Now what we need to find a way to read the Thumbprint value of public
certificate installed on AD User account and read the file names in the
folder above then compare.
If thumbprint value exist in file name list then the new private certificate
.pfx key is installed properlly
If not found then it's not installed properlly and we follow up on it.
Hope to get some Ideas to realize my Ideas.
If I found more I'll let you know as well..
--
best regards,
Samo
"Samo" wrote:
> we've distributed .pfx files email security certificates to pki users.
> we are using standalone subordinate CA.
>
> how can we check using registry or other method remotelly if the user
> installed the certificate properlly with user knowledge. as we are the
> administrators !
>
> we just need like certificate serial number installed and its expiry date
> (validity) info.
>
> thanks
> --
> best regards,
> Samo
| 
XML site map