| Author |
Message |
Ondrej Sevecek
Guest
|
 Posted:
Tue Oct 04, 2005 4:51 pm Post subject:
certificate validity in Certificates MMC snap-in |
|
|
Hello,
I have tried it, but the certificates.MMC snap-in does not check for
revocation information nor for the fact the root CA certificate have to be
in "trusted root"s.
how to make the snap-in do the work or is there a simple utility that would
provide me with exact error codes for the certification validity checks?
O. |
|
| Back to top |
|
 |
Brian Komar [MVP]
Guest
|
| Posted:
Wed Oct 05, 2005 12:50 pm Post subject:
Re: certificate validity in Certificates MMC snap-in |
|
|
In article <ujoO5#OyFHA.664@tk2msftngp13.phx.gbl>, "Ondrej Sevecek"
<ondra at my_surname dot com> says...
| Quote: | Hello,
I have tried it, but the certificates.MMC snap-in does not check for
revocation information nor for the fact the root CA certificate have to be
in "trusted root"s.
how to make the snap-in do the work or is there a simple utility that would
provide me with exact error codes for the certification validity checks?
O.
The MMC consoles do not invoke the calls to check revocation on a |
certificate. This is left up to the application that is validating the
certificate.
The easiest way is to use a computer running Windows XP or Windows
Server 2003 with the Administration Pack installed. You can then run:
certutil -verify -urlfetch <certificateFile.cer>
Just export the certificate from the MMC to a base64 or der format file.
Brian |
|
| Back to top |
|
|
Ondrej Sevecek
Guest
|
| Posted:
Thu Oct 06, 2005 12:51 am Post subject:
Re: certificate validity in Certificates MMC snap-in |
|
|
absolutely the answer. thanks.
O.
"Brian Komar [MVP]" <bkomar@nospam.identit.ca> wrote in message
news:MPG.1dad8019112205b19896b5@msnews.microsoft.com...
| Quote: | In article <ujoO5#OyFHA.664@tk2msftngp13.phx.gbl>, "Ondrej Sevecek"
ondra at my_surname dot com> says...
Hello,
I have tried it, but the certificates.MMC snap-in does not check for
revocation information nor for the fact the root CA certificate have to
be
in "trusted root"s.
how to make the snap-in do the work or is there a simple utility that
would
provide me with exact error codes for the certification validity checks?
O.
The MMC consoles do not invoke the calls to check revocation on a
certificate. This is left up to the application that is validating the
certificate.
The easiest way is to use a computer running Windows XP or Windows
Server 2003 with the Administration Pack installed. You can then run:
certutil -verify -urlfetch <certificateFile.cer
Just export the certificate from the MMC to a base64 or der format file.
Brian |
|
|
| Back to top |
|
|
|
|
|
|
FAQ
Memberlist
Register
Profile
Log in to check your private messages
Log in