MSIE & User Certificate

[Alexander Tyshlek]

Hello All!

Does anybody successfully installed user certificate in MSIE

In MSDN I've seen following example on VBScript:

<HTML>
<TITLE>Certificate Enrollment Acceptance HTML Page</TITLE>
<BODY>

<OBJECT
    classid="clsid:43F8F289-7A20-11D0-8F06-00C04FC295E1"
    CODEBASE="xenroll.dll"
    id=IControl
    >
</OBJECT>

<FORM NAME="result" ENCTYPE=x-www-form-encoded METHOD=POST>
    <INPUT TYPE="HIDDEN" NAME="result">
    <TD ALIGN=center><INPUT TYPE="BUTTON" _
        NAME="Accept" value="Accept" onClick="AcceptCertSub" 
        language="VBScript">
    <TD ALIGN=center><INPUT TYPE="BUTTON" 
        NAME="No" value="No" onClick="NoAcceptCertSub" 
        language="VBScript">

<SCRIPT LANGUAGE="VBSCRIPT">

    '-----------------------------------------------------------------
    'Accept the certificate subroutine.
    '-----------------------------------------------------------------
    Sub AcceptCertSub

    On Error Resume Next

    '--------------------------------------------------------------
    ' Get the issued certificate.
    ' The following value, "PKCS7", represents the received message. 
    ' Actually, this value must be supplied through the design of
    ' the receiving application.
    ' A possible implementation is as follows: after using 
    ' ICertRequest.Submit to submit the PKCS #10, call 
    ' ICertRequest.GetLastStatus to confirm successful certificate 
    ' creation, and then call ICertRequest.GetCertificate to retrieve 
    ' the certificate.
    ' -------------------------------------------------------------
    document.result.result.value = "PKCS7"

    Call IControl.AcceptPKCS7(document.result.result.value)

    If err.Number = 0 Then
        navigate "..\done.htm"
    Else
        Alert "Error: " & Hex(err)
    End If

    End sub

    '-----------------------------------------------------------------
    ' Decline the certificate sub-routine.
    '-----------------------------------------------------------------
    Sub NoAcceptCertSub
    navigate "..\notdone.htm"
    End sub

</SCRIPT>
</BODY>
</HTML>

Private Key Generation in MSIE was successfull.
I've generated user certificate using `openssl ca -msie_hack ...`,
signed it by crypto/pkcs7/sign, insert it in
document.result.result.value and ... obtained error 80092004?!!
I've tested DER-encoded and PEM-encoded user certificate for signing,
but result is same.
What I do wrong?
My configuration is: OpenSSL v0.9.4, platform WinNT 4.0, MSIE v4.1, 5.0;

Thanks for advance!

Alexander Tyshlek,
[EMAIL PROTECTED]
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]