Marcin Lubonski wrote:
>
> Hi,
>
> I am working on a project of certificate server which is
> almost comlpete. It uses SSL functions to issue certificate...
> I am having quite big problems with documentation about
> installing generated certificate to Netscape Communicator / Navigator or
> MSIE.
> I didn't have problems with key generation - I used <KEYGEN> tag
> in Netscape, but I can't find any example of server-side script for
> forcing client web browser to load certificate (either MSIE or Netscape).
> As I said I had no problems with key generation but only in
> Netscape browsers, MSIE that's another story - Microsoft advices writing a
> script emulating <KEYGEN> probably in VBSCRIPT.
> Well, I am in a real hurry and I didn't have luck with searching
> on the Web.
> If anyone has some expirience with this topics, any documentation
> or example scripts (this would be for me most valuable) or knows
> worth-checking websites, please help !!!!!
>
Netscape is easy. Just point the browser at a page that returns the
certificate as MIME type application/x-x509-user-cert. This is
documented at:
http://home.netscape.com/eng/security/certs.html
MSIE is another story, generally you should use the Xenroll ActiveX
control and you use a script to install a base64 encoded version of the
certificate wrapped in PKCS#7 format. Check out MSDN online and
http://www.microsoft.com/security/tech/certificates/enroll.asp
Steve.
--
Dr Stephen N. Henson. http://www.drh-consultancy.demon.co.uk/
Personal Email: [EMAIL PROTECTED]
Senior crypto engineer, Celo Communications: http://www.celocom.com/
Core developer of the OpenSSL project: http://www.openssl.org/
Business Email: [EMAIL PROTECTED] PGP key: via homepage.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
