Re: Application Data\Microsoft\Crypto\RSA\MachineKeys and windows xp service pack 2.0

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

From: Jag (jagdeepsahdeva_at_hotmail.com)
Date: 10/19/04 

Date: Tue, 19 Oct 2004 10:45:35 +1000

Hi Hervey,

The X509Certificate tool is fine and can read the private key file and the
security settings state the "Everyone" has access to the private key file.

The client side uses the policy file and can encrypt using the server public
key. The server decrypts the request and does some business processing. The
response back to client that need to be encrypted using the server private
key, I feel this succeeds but the client fails to decrypt the server
response. The client side has the following files InputTrace.webinfo,
OutputTrace.webinfo, SendPolicy.webinfo but the ReceivePolicy.webinfo is
missing on the box with xp service pack 2.0. The server side has all the
required debug files with no mention of <fault> tag.

I hope this helps to understand the problem.

Regards

Jag

"Hervey Wilson [MSFT]" <herveyw.nospam@nospam.microsoft.com> wrote in
message news:eT4pumStEHA.2596@TK2MSFTNGP15.phx.gbl...
> Jag wrote:
> > It appears that limited users no longer have permission to read the
> > folder
> > "C:\Documents and Settings\All Users\Application
> > Data\Microsoft\Crypto\RSA\MachineKeys" . My App that was working
> > before now is broken.(after Xp service pack 2.0 install). The
> > exception is private key not available. Any help will be appreciated.
> >
> > Regards
> > Jag
>
> What does the X509Certificate tool in WSE2 say about the security on the
> private key?
>
>
> --
> This posting is provided "AS IS", with no warranties, and confers no
rights.

Relevant Pages

  • Re: A cryptography solution for a client/server winforms app
    ... good idea if you want to learn crypto. ... you control both the client and server, you don't even need to use a ... code the client to ignore certificate trust errors. ... encrypt the memory stream. ...
    (microsoft.public.dotnet.security)
  • Re: Encrypted files do they work for backups?
    ... I'm going to test it out myself on my own test SBS Server. ... >>If I use the administrator account, and I encrypt it EFS on a External ... >>> format you need the private key to decrypt the files ... do you have the recovery agent Encrypting File ...
    (microsoft.public.windows.server.sbs)
  • Re: Location of users private key in PKI solution
    ... If clients and server are Windows platforms, check out CAPICOM as it would ... > It sounds as though I should design the system so that the client ... > application performs the signing operation as that is the most likely ... >> The private key is typically located on the users machine. ...
    (microsoft.public.security)
  • Re: Location of users private key in PKI solution
    ... If clients and server are Windows platforms, check out CAPICOM as it would ... > It sounds as though I should design the system so that the client ... > application performs the signing operation as that is the most likely ... >> The private key is typically located on the users machine. ...
    (microsoft.public.win2000.security)
  • Re: File ENcryption Problem Detail
    ... > In addition, when u encrypt remotely (client to server), which users ... We can encrypt remotely (client to server, ... >>> it is able to encrypt file locally on the DC, ...
    (microsoft.public.win2000.security)