News  [SoftwareSite

Latest News
Older News
RSS Feed
 
Complete Projects
Useful Classes
Top Downloads
Message Board
AllAPI.net
 
Send Comments
Software License
Mentalis.org Buttons
Donate
 
Forums -> Security Library Forum
 
Unable to import the PFX file! [error code = -2146893802]  
by Harmeet Bedi
posted on 2003/11/08

Not able to read PFX file.
Here is what I am trying to do
CertificateStore.CreateFromPfxFile(file, password);

Where PFX file is server.pfx shipped with distribution and password is 'test' from WebServer Sample.

Any hints would be very appreciated.
I can read the PFX file in windows by double clicking and my IE 6 has Cipher Strength 128, so it may not be an export level security issue on my machine.

thanks,
Harmeet

by Pieter Philippaerts [Pieter at mentalis dot org]
posted on 2003/11/08

Can you post the code you're using?
What version of Windows are you using?
Have you tried manually specifying a keyset location? [look for the CreateFromPfxFile overload with a KeysetLocation parameter]?
Are you running your code in an ASP.NET program or a normal desktop application?

by Harmeet Bedi [harmeet at kodemuse dot com]
posted on 2003/11/08

I am running Windows 2000. Service pack 4.

Specified the keyset manually in a command line program with this snippet.

KeysetLocation[] loc = new KeysetLocation[]
{ KeysetLocation.CurrentUser
, KeysetLocation.Default
, KeysetLocation.LocalMachine };
CertificateStore cs = null;
foreach ( KeysetLocation kl in loc )
{
if ( cs != null )
break;
try
{
cs = CertificateStore.CreateFromPfxFile
(file, password,false,kl);
}
catch(Exception ex)
{
Console.WriteLine(kl+": "+ex.ToString());
}
}

Did not work. Omitting the stack trace here is what I got.
------
CurrentUser: Org.Mentalis.Security.Certificates.CertificateException:
Unable to import the PFX file! [error code = -2146893802]
Default: Org.Mentalis.Security.Certificates.CertificateException:
Unable to import the PFX file! [error code = -2146893802]
LocalMachine: Org.Mentalis.Security.Certificates.CertificateException:
Unable to import the PFX file! [error code = -2146893792]
------

I tried with both 1.0 and the latest 1.0b software version.

Looking at the code, it appears you are calling 'PFXImportCertStore' in crypt32.dll.
I am too familar how windows security works. I have a PKCS12 file that I want to use as a keystore. PKCS12 has certificate chain and private key in it. So I am not sure why I need the dwFlags parameter. Do I need to crack open my PKCS12 file and store public/private keys somewhere ?

thanks,
Harmeet

by Harmeet Bedi [harmeet at kodemuse dot com]
posted on 2003/11/08

It appears to work ok now.

I keep IPSec and IIS Admin service disabled.
I turned on IPSec and IIS Admin Service. It worked after that.
Turned off both these services and it still worked.

It may be that IPSec service loads a crypto provider. I don't know enough about MS Security setup, so can only guess.

Got some hints from
http://support.microsoft.com/default.aspx?kbid=313494

thanks for all the help.

by Angel Todorov [atodorov at acm dot org]
posted on 2003/11/09

Hello, since you are using it with IIS, just in case, i can tell you about another typical problem that occurs: PRB: "CSP for This Implementation Could Not Be Acquired" CryptographicException Error During Instantiation

You can find solution on:

http://support.microsoft.com/default.aspx?scid=http://support.microsoft.com:80/support/kb/articles/q322/3/71.asp&NoWebContent=1

 

Copyright © 2002-2007, The Mentalis.org Team. All rights reserved.
This site is located at http://www.mentalis.org/
Send comments to the webmaster.