J
Johan Delimon
Hello,
I have created an ASP page that requests special V2.0 Certificates for a user.
This is to use with our VPN solution.
My code errors on this line:
requeststr = CertEnroll.createRequest(XECR_CMC,dn, "")
This ASP page/Application has anonymous disabled and has Basic
Authentication Configured with SSL.
When I run this ASP page from any browser it gives me an '80070002' error.
But very strange is that from the moment that I logon via Terminal Session
to the Webserver with the user account logged into the web page my web page
runs fine (still running IE on workstation not on Server, I repeat the same
task again on the client)
So I checked some things and The requesting users have log on locally and
log on with terminal services.
This has me puzzled and I don't know what to do.
It Seems that the createrequest function needs something in the users
profile? Or Temp directory? Even with an enterprise admin account I have the
same error.
Does anyone know how to solve this?
Some searching on the internet found this but there is no workarround or
solution!
I have the error similar to this one:
http://groups.google.be/group/micro...roll+0x80070002&rnum=1&hl=nl#c81d12a78d980f86
Full Function is below
sub CreateCert(dn,displ)
Const AT_KEYEXCHANGE = 1
Const XECR_PKCS10_V2_0 = 1
Const XECR_CMC = 3
Const CR_IN_ENCODEANY = &HFF
Const CR_IN_FORMATANY = &H0
Const CR_DISP_ISSUED = &H3
Const FR_PROP_FULLRESPONSE = &H1
Const FR_PROP_ISSUEDCERTIFICATE = &H11
Const CR_OUT_BASE64 = &H1
Const PROPTYPE_BINARY = &H3
Set CertEnroll = Server.CreateObject("CEnroll.CEnroll")
CertEnroll.ProviderName = "Microsoft Enhanced Cryptographic Provider v1.0"
CertEnroll.KeySpec = AT_KEYEXCHANGE
CertEnroll.GenKeyFlags = 1024 * (256 *256) +1
CertEnroll.addCertTypeToRequest(CertificateTemplate)
Set CertRequest = Server.CreateObject("CertificateAuthority.Request")
'Response.Write "<br>" & dn
'requeststr =
CertEnroll.createRequest(XECR_CMC,dn,"1.3.6.1.5.5.7.3.2,1.3.6.1.5.5.7.3.4")
requeststr = CertEnroll.createRequest(XECR_CMC,dn, "")
'Response.Write "<br>" & err.Description & " : " & err.number & " : " &
err.Source
'Response.Write "<br>" & dn
'WScript.Echo requeststr
disposition = CertRequest.Submit(CR_IN_ENCODEANY Or CR_IN_FORMATANY,
requeststr, "", CAConfig)
ID = CertRequest.GetRequestId()
'WScript.Echo ID
If disposition = CR_DISP_ISSUED Then
Dim Cert
Cert =
CertRequest.GetFullResponseProperty(FR_PROP_FULLRESPONSE,0,PROPTYPE_BINARY,
CR_OUT_BASE64)
CertEnroll.acceptResponse Cert
Cert = CertRequest.GetCertificate(CR_OUT_BASE64)
'Response.Write Cert
set certif = Server.CreateObject("CAPICOM.Certificate")
certif.import Cert
'Response.Write "<br>Valid To : " & certif.ValidToDate
SetSerialInAd dn,certif.SerialNumber
SetExpirationInAd dn,Cstr(certif.ValidToDate)
Dim filename
filename = CertificatesPath & displ & ".pfx"
Dim fso
Set fso = CreateObject("Scripting.FileSystemObject")
If (fso.FileExists(filename)) Then
fso.DeleteFile filename,true
End If
CertEnroll.createFilePFX PfxPassword,filename
response.Write "<div class='Box'>"
Response.Write GenerateTableLine ("GoLtrHS.gif","Certificate was created
Successfully!")
Response.Write "<br><br>" & GenerateTableLine ("infoBubble.gif","User :
" & displ)
Response.Write GenerateTableLine ("infoBubble.gif","<a href='pfx/" &
displ & ".pfx'>Download Certificate File</a>")
'Response.Write "<img src='Images/GoLtrHS.gif'/> Certificate was created
Successfully!"
'Response.Write "<br><br>User : " & displ
'Response.Write "<br><a href='pfx/" & displ & ".pfx'>Download Certificate
File</a>"
Else
GenerateError CStr(CertRequest.GetLastStatus())
End if
end sub
I have created an ASP page that requests special V2.0 Certificates for a user.
This is to use with our VPN solution.
My code errors on this line:
requeststr = CertEnroll.createRequest(XECR_CMC,dn, "")
This ASP page/Application has anonymous disabled and has Basic
Authentication Configured with SSL.
When I run this ASP page from any browser it gives me an '80070002' error.
But very strange is that from the moment that I logon via Terminal Session
to the Webserver with the user account logged into the web page my web page
runs fine (still running IE on workstation not on Server, I repeat the same
task again on the client)
So I checked some things and The requesting users have log on locally and
log on with terminal services.
This has me puzzled and I don't know what to do.
It Seems that the createrequest function needs something in the users
profile? Or Temp directory? Even with an enterprise admin account I have the
same error.
Does anyone know how to solve this?
Some searching on the internet found this but there is no workarround or
solution!
I have the error similar to this one:
http://groups.google.be/group/micro...roll+0x80070002&rnum=1&hl=nl#c81d12a78d980f86
Full Function is below
sub CreateCert(dn,displ)
Const AT_KEYEXCHANGE = 1
Const XECR_PKCS10_V2_0 = 1
Const XECR_CMC = 3
Const CR_IN_ENCODEANY = &HFF
Const CR_IN_FORMATANY = &H0
Const CR_DISP_ISSUED = &H3
Const FR_PROP_FULLRESPONSE = &H1
Const FR_PROP_ISSUEDCERTIFICATE = &H11
Const CR_OUT_BASE64 = &H1
Const PROPTYPE_BINARY = &H3
Set CertEnroll = Server.CreateObject("CEnroll.CEnroll")
CertEnroll.ProviderName = "Microsoft Enhanced Cryptographic Provider v1.0"
CertEnroll.KeySpec = AT_KEYEXCHANGE
CertEnroll.GenKeyFlags = 1024 * (256 *256) +1
CertEnroll.addCertTypeToRequest(CertificateTemplate)
Set CertRequest = Server.CreateObject("CertificateAuthority.Request")
'Response.Write "<br>" & dn
'requeststr =
CertEnroll.createRequest(XECR_CMC,dn,"1.3.6.1.5.5.7.3.2,1.3.6.1.5.5.7.3.4")
requeststr = CertEnroll.createRequest(XECR_CMC,dn, "")
'Response.Write "<br>" & err.Description & " : " & err.number & " : " &
err.Source
'Response.Write "<br>" & dn
'WScript.Echo requeststr
disposition = CertRequest.Submit(CR_IN_ENCODEANY Or CR_IN_FORMATANY,
requeststr, "", CAConfig)
ID = CertRequest.GetRequestId()
'WScript.Echo ID
If disposition = CR_DISP_ISSUED Then
Dim Cert
Cert =
CertRequest.GetFullResponseProperty(FR_PROP_FULLRESPONSE,0,PROPTYPE_BINARY,
CR_OUT_BASE64)
CertEnroll.acceptResponse Cert
Cert = CertRequest.GetCertificate(CR_OUT_BASE64)
'Response.Write Cert
set certif = Server.CreateObject("CAPICOM.Certificate")
certif.import Cert
'Response.Write "<br>Valid To : " & certif.ValidToDate
SetSerialInAd dn,certif.SerialNumber
SetExpirationInAd dn,Cstr(certif.ValidToDate)
Dim filename
filename = CertificatesPath & displ & ".pfx"
Dim fso
Set fso = CreateObject("Scripting.FileSystemObject")
If (fso.FileExists(filename)) Then
fso.DeleteFile filename,true
End If
CertEnroll.createFilePFX PfxPassword,filename
response.Write "<div class='Box'>"
Response.Write GenerateTableLine ("GoLtrHS.gif","Certificate was created
Successfully!")
Response.Write "<br><br>" & GenerateTableLine ("infoBubble.gif","User :
" & displ)
Response.Write GenerateTableLine ("infoBubble.gif","<a href='pfx/" &
displ & ".pfx'>Download Certificate File</a>")
'Response.Write "<img src='Images/GoLtrHS.gif'/> Certificate was created
Successfully!"
'Response.Write "<br><br>User : " & displ
'Response.Write "<br><a href='pfx/" & displ & ".pfx'>Download Certificate
File</a>"
Else
GenerateError CStr(CertRequest.GetLastStatus())
End if
end sub