I'm having a similar problem with Win7 and IE9. The function vistaCSR() gets called in the file ieVistaCSR.js and this line of code throws an exception: res.value = enrObj.CreateRequest(1);. In the try/catch, e.text = "undefined". I've already set the Trusted sites settings as described before and I have its security level set to Low. Nothing helps. Thanks in advance for any help.
Massimiliano Pala-7 wrote: > > Hi, > > I am a little confused since the control is not inside an iframe but on > the > main page already. Is this related to changes you made to the default html > ? > I don't have any problems in generating requests on Win Vista + IE9. > > Cheers, > Max > > > On 08/02/2011 06:29 AM, tomaaak wrote: >> >> Hello, >> >> finaly we have received some info from Microsoft's IE team. We will try >> to >> test the workaround. I remember trying to run CA without frames without >> success, but maybe we did something wrong. >> >> "... >> PROBLEM: >> >> On Vista SP1, if you are using certenroll inside of a frame and you call >> CreateRequest then the user will be prompted with our message box to >> allow >> creating the certificate request. >> >> On Win7, if you are using certenroll inside of a frame and you call >> CreateObject on the factory then the user will NOT be prompted and the >> code >> assumes the user clicked "cancel" which does not allow the object to be >> created and the whole thing fails... >> >> >> - In Vista SP1, we obtained the handle to the window by calling >> GetForegroundWindow() >> >> - In Win7, we obtain the handle to the window by asking the browser >> object >> for its handle. However, the handle appears to be invalid when it is >> called >> within a frame >> >> >> The certenroll control must NOT be inside an iframe. The control must be >> in >> the parent frame and the child frame can access the object from the >> parent >> frame. >> >> This works if they are in the same domain. If they are in different >> subdomains then you must use document.domain = "x.com" in both the child >> and >> parent frames >> >> >> >> WORKAROUND : >> >> Put certenroll in the topmost parent frame. Children can access it using >> window.parent if necessary [as long as the domain is the same] >> >> >> >> ANOTHER POSSIBLE FIX: >> >> The fix is around 4 lines of new code + 4 lines changes, here is the fix: >> >> >> How To Retrieve the Top-Level IWebBrowser2 Interface from an ActiveX >> Control >> >> http://support.microsoft.com/kb/q257717/ >> >> ..." >> >> >> Tom >> >> >> >> >> >> Massimiliano Pala-3 wrote: >>> >>> Hello Guys, >>> >>> is there any news about this ? I have not been able to follow up on this >>> part since a lot of efforts are being put in LibPKI and the OCSP server. >>> >>> Let me know if you have code patches / fixes. I will include them in the >>> package. >>> >>> Cheers, >>> Max >>> >>> >>> On 04/11/2011 07:18 AM, tomaaak wrote: >>>> >>>> Hi Dmitrij, >>>> >>>> thanks, but I have played a lot with various security settings and the >>>> problem is probably in redefined interface to some crypto-component >>>> which >>>> OpenCA does not reflect. I am investiating it together with Microsoft >>>> support (yes, really :-) ). They are comparing debug outputs from >>>> Vista/IE7 >>>> (where it works) with later versions. >>>> >>>> Vista SP1 (SP1 is required to run IE8) does not work and throws the >>>> same >>>> error as Win 7. >>>> There is no difference between 32 and 64-bit versions. >>>> >>>> Tom >>> >>> >>> >>> -- >>> >>> Best Regards, >>> >>> Massimiliano Pala >>> >>> >>> >>> >> > > -- > > http://member.acm.org/~openca/ > > Massimiliano Pala, Ph.D. > Director, OpenCA Labs > Professor, NYU Poly > > > > ------------------------------------------------------------------------------ > BlackBerry® DevCon Americas, Oct. 18-20, San Francisco, CA > The must-attend event for mobile developers. Connect with experts. > Get tools for creating Super Apps. See the latest technologies. > Sessions, hands-on labs, demos & much more. Register early & save! > http://p.sf.net/sfu/rim-blackberry-1 > _______________________________________________ > Openca-Users mailing list > Openca-Users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/openca-users > > -- View this message in context: http://old.nabble.com/Certificate-request-from-Windows-7-and-Internet-Explorer-8-tp31122889p32418432.html Sent from the openca-users mailing list archive at Nabble.com. ------------------------------------------------------------------------------ Using storage to extend the benefits of virtualization and iSCSI Virtualization increases hardware utilization and delivers a new level of agility. Learn what those decisions are and how to modernize your storage and backup environments for virtualization. http://www.accelacomm.com/jaw/sfnl/114/51434361/ _______________________________________________ Openca-Users mailing list Openca-Users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openca-users
