I imported a third party CA issued PFX certificate using PFXImportCertStore
. Upon successful importing, the PCERT_KEY_PROV_INFO_PROP_ID
is set to the following values by default by the same call, PFXImportCertStore
Why is the
dwKeySpec
recognised asAT_KEYEXCHANGE
key type rather thanAT_SIGNATURE
?Why is the
pwszProvName
set to Microsoft Base Cryptographic Provider v1.0?The certificate in the first place was issued ONLY for Digital signing. But the key usage field indicates that the certificate can be used for Digital Signature, Non-Repudiation, Key Encipherment, Data Encipherment (f0). Enhanced key usage indicates, Client Authentication and Secure Email? Has the CA has issued the certificate correctly? The front of the certificate shows the following message(screen shot below) which makes me to suspect that this certificate was not issued for digital singing? Am i thinking correctly or not?
4.Because of these issue, i am unable to sign data using CryptSignMessage
. The internal call fails to acquire context to the private key for signing. Any suggestions on how i can get around this issue?
I am able to sign with a selfsigned PFX cert which i generated. Do you think that i could export the private key in to new container and set it property to AT_SIGNATURE
and the csp provider Type to PROV_RSA_AES
, as i require SHA256.
I am working with XP sp3.
Thanks