Create Certificate Error '80070002'

Discussion in 'ASP General' started by Johan Delimon, Oct 25, 2005.

  1. Hello,

    I have created an ASP page that requests special V2.0 Certificates for a user.
    This is to use with our VPN solution.

    My code errors on this line:
    requeststr = CertEnroll.createRequest(XECR_CMC,dn, "")

    This ASP page/Application has anonymous disabled and has Basic
    Authentication Configured with SSL.

    When I run this ASP page from any browser it gives me an '80070002' error.
    But very strange is that from the moment that I logon via Terminal Session
    to the Webserver with the user account logged into the web page my web page
    runs fine (still running IE on workstation not on Server, I repeat the same
    task again on the client)
    So I checked some things and The requesting users have log on locally and
    log on with terminal services.

    This has me puzzled and I don't know what to do.
    It Seems that the createrequest function needs something in the users
    profile? Or Temp directory? Even with an enterprise admin account I have the
    same error.

    Does anyone know how to solve this?

    Some searching on the internet found this but there is no workarround or
    solution!
    I have the error similar to this one:
    http://groups.google.be/group/micro...roll 0x80070002&rnum=1&hl=nl#c81d12a78d980f86


    Full Function is below

    sub CreateCert(dn,displ)
    Const AT_KEYEXCHANGE = 1
    Const XECR_PKCS10_V2_0 = 1
    Const XECR_CMC = 3
    Const CR_IN_ENCODEANY = &HFF
    Const CR_IN_FORMATANY = &H0
    Const CR_DISP_ISSUED = &H3
    Const FR_PROP_FULLRESPONSE = &H1
    Const FR_PROP_ISSUEDCERTIFICATE = &H11
    Const CR_OUT_BASE64 = &H1
    Const PROPTYPE_BINARY = &H3

    Set CertEnroll = Server.CreateObject("CEnroll.CEnroll")
    CertEnroll.ProviderName = "Microsoft Enhanced Cryptographic Provider v1.0"
    CertEnroll.KeySpec = AT_KEYEXCHANGE
    CertEnroll.GenKeyFlags = 1024 * (256 *256) +1
    CertEnroll.addCertTypeToRequest(CertificateTemplate)

    Set CertRequest = Server.CreateObject("CertificateAuthority.Request")

    'Response.Write "<br>" & dn
    'requeststr =
    CertEnroll.createRequest(XECR_CMC,dn,"1.3.6.1.5.5.7.3.2,1.3.6.1.5.5.7.3.4")
    requeststr = CertEnroll.createRequest(XECR_CMC,dn, "")
    'Response.Write "<br>" & err.Description & " : " & err.number & " : " &
    err.Source
    'Response.Write "<br>" & dn
    'WScript.Echo requeststr

    disposition = CertRequest.Submit(CR_IN_ENCODEANY Or CR_IN_FORMATANY,
    requeststr, "", CAConfig)

    ID = CertRequest.GetRequestId()
    'WScript.Echo ID

    If disposition = CR_DISP_ISSUED Then
    Dim Cert
    Cert =
    CertRequest.GetFullResponseProperty(FR_PROP_FULLRESPONSE,0,PROPTYPE_BINARY,
    CR_OUT_BASE64)
    CertEnroll.acceptResponse Cert
    Cert = CertRequest.GetCertificate(CR_OUT_BASE64)
    'Response.Write Cert
    set certif = Server.CreateObject("CAPICOM.Certificate")
    certif.import Cert
    'Response.Write "<br>Valid To : " & certif.ValidToDate
    SetSerialInAd dn,certif.SerialNumber
    SetExpirationInAd dn,Cstr(certif.ValidToDate)

    Dim filename
    filename = CertificatesPath & displ & ".pfx"

    Dim fso
    Set fso = CreateObject("Scripting.FileSystemObject")
    If (fso.FileExists(filename)) Then
    fso.DeleteFile filename,true
    End If
    CertEnroll.createFilePFX PfxPassword,filename
    response.Write "<div class='Box'>"
    Response.Write GenerateTableLine ("GoLtrHS.gif","Certificate was created
    Successfully!")
    Response.Write "<br><br>" & GenerateTableLine ("infoBubble.gif","User :
    " & displ)
    Response.Write GenerateTableLine ("infoBubble.gif","<a href='pfx/" &
    displ & ".pfx'>Download Certificate File</a>")

    'Response.Write "<img src='Images/GoLtrHS.gif'/> Certificate was created
    Successfully!"
    'Response.Write "<br><br>User : " & displ
    'Response.Write "<br><a href='pfx/" & displ & ".pfx'>Download Certificate
    File</a>"
    Else
    GenerateError CStr(CertRequest.GetLastStatus())
    End if
    end sub
    Johan Delimon, Oct 25, 2005
    #1
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Subra Mallampalli
    Replies:
    0
    Views:
    429
    Subra Mallampalli
    Oct 2, 2003
  2. Raves

    mscorlib error '80070002'

    Raves, Oct 22, 2003, in forum: ASP .Net
    Replies:
    1
    Views:
    7,497
    John Soulis [MSFT]
    Oct 23, 2003
  3. =?Utf-8?B?SklNLkgu?=

    Q: to create a certificate

    =?Utf-8?B?SklNLkgu?=, Aug 2, 2005, in forum: ASP .Net
    Replies:
    6
    Views:
    438
  4. Helena Cai
    Replies:
    0
    Views:
    395
    Helena Cai
    Aug 29, 2004
  5. Replies:
    0
    Views:
    410
Loading...

Share This Page