Re: X509 Certificate Help

Thanks for reply,
I just want to clear it again you mean if i have client.PFX and Server.CER.
I have to install client.pfx at both client and server side and
server.cer should be install at Server side only.
If this is not right,please explain me uing this two files Client.PFX and
Server.CER How should i install at Client and Server sides.

"Pablo Cibraro" wrote:

> Hi,
> You also need to install the private key on the server (Server.PFX instead
> of Server.CER) because you need it to do encryption operations.
> WSE uses X509 keys in the following way:
>
> Signature -> Client uses private key to sign the message - Server uses
> public key to verify the signature
> Encryption -> Client uses public key to encrypt the message -> Server uses
> the private key to decrypt the message
>
> I hope this can help you
> Regards,
> Pablo Cibraro
> www.lagash.com
>
> "syed javid" <syedjavid@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
> news:D8B3E452-B565-4473-A186-E83DF58375AA@xxxxxxxxxxxxxxxx
> > The Cert is in Personal Store and the Web Service is running under Domain
> > Administrator account also the cert accessable to ASPNET Account and
> > Domain
> > Admin.
> > Still the same exception.
> >
> > "Marvin Smit" wrote:
> >
> >> Hi,
> >>
> >> Which account is requesting the cert? And is the cert in the Computer
> >> or Personal store?
> >>
> >> Hope this helps,
> >>
> >> Marvin Smit.
> >>
> >> On Wed, 31 Aug 2005 03:09:04 -0700, "syed javid"
> >> <syedjavid@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote:
> >>
> >> >Hi,
> >> >
> >> >I have little confusion about using X509 Certificates. I work with
> >> >Signing
> >> >of SOAP Message with Private Key (.PFX) having stored at Root Store in
> >> >Current user at Client Side and Public Key (.CER) at Local Machine Root
> >> >Store at Server Side it works. But I have problem when doing both
> >> >Signing and
> >> >Encryption of SOAP Message using same Key's and at same location.
> >> >Error is Private Key not available.
> >> >
> >> >Please any help about using of the Private Key and Public Key and
> >> >locations
> >> >for signing and encryption both.
> >> >Is it Possible to use Private Key for both Signing and Encryption or I
> >> >have
> >> >to use differnet key's for doing both Signing and Encryption.
> >> >
> >> >Thanks in Advance
> >> >
> >>
> >>
>
>
>
.

Relevant Pages

  • RE: IIS Key pairs (how to export an IIS 4.0 self-issued Root CA a nd import into new IIS 4.0 box)
    ... it prompts the user for what client cert they want to use to connect to the ... it issues client certificates to the end users. ... Step I - Installing the New Server ... Install NT SP 3 ONLY ...
    (Focus-Microsoft)
  • Re: Direct Push failed.
    ... he security certificatee on the server is invalid. ... If have this error which means my ISA is working correctly am i right? ... The way is to export out the root cert from the ... In some cases you will have to install the trusted root certificate. ...
    (microsoft.public.exchange.setup)
  • Re: Terminal Services over a VPN
    ... Create a certificate request and submit it to godaddy in order to obtain a public cert. ... You can use the wizard in IIS Manager for this by creating a new website that matches the above name (on your TS server), right-click and choose properties, directory security tab, server certificate button. ... After the install you can stop or delete the website created above since you don't need it for anything. ...
    (microsoft.public.windows.terminal_services)
  • Re: Cingular 8125 and ActiveSynch
    ... What error message do you get when you copy the cert to the phone and click ... The last time I worried about it, Verizon ... They have a SBS Standard 2003 Server with all Service Packs (Exchange ... get the certs to install. ...
    (microsoft.public.windows.server.sbs)
  • Re: Windows 2003 sbs : multiple webs & SSL
    ... You can get them to install the cert though. ... > instance) and install it on the server. ... Forgetting about SSL for a moment, you CAN have different websites on ...
    (microsoft.public.windows.server.sbs)