EldoS | Feel safer!

Software components for data protection, secure storage and transfer

How to create a CSR?

Also by EldoS: CallbackFilter
A component to monitor and control disk activity, track file and directory operations (create, read, write, rename etc.), alter file data, encrypt files, create virtual files.
#12763
Posted: 03/11/2010 04:53:29
by neil young (Standard support level)
Joined: 11/05/2007
Posts: 96

Hi,
could one of you please be so kind as to explain, how to create a CSR with the CertDemo? If in GenerateCert.cs the function btnSaveClick runs into "Request.SaveToStream", the request file is 0 length. With PEM/CSR or txt extension, there is at least content in the request, but the private key file is always 0. What is the requirement for the root certificate? Is there one??

I had to change this
Ext = Path.GetExtension(edRequest.Text);
// Ext = edRequest.Text.Substring(edRequest.Text.Length - 3 - 1 ,Int32.MaxValue).ToLower();

and the code for the edPrivateKey accordingly, because it ran into an exception.
#12765
Posted: 03/11/2010 06:44:01
by Ken Ivanov (EldoS Corp.)

Thank you for pointing us at this.

There's another bug in the sample -- the output streams are not closed, that's why the saved data is not flushed to the file. Please update the saving code of the sample according to the following:
Code
        public void btnSaveClick(System.Object Sender, System.EventArgs _e1)
        {
            string Ext = null;
            string Pwd = null;
            FileStream Stream = null;
            if ((edRequest.Text == "") || (edPrivateKey.Text == ""))
            {
                MessageBox.Show("You must select both files");
                return;
            }
            Stream = new FileStream(edRequest.Text, FileMode.Create);
            try {
                try
                {
                    Ext = Path.GetExtension(edRequest.Text).ToLower();
                    if ((Ext == ".csr") || (Ext == ".pem") || (Ext == ".txt"))
                        Request.SaveToStreamPEM(Stream);
                    else
                        Request.SaveToStream(Stream);
                }
                finally
                {
                    Stream.Close();
                }
            }
            catch {
                MessageBox.Show("Failed to save Certificate Signing Request");
                return;
            }
            Stream = new FileStream(edPrivateKey.Text, FileMode.Create);
            try {
                try
                {
                    Ext = Path.GetExtension(edPrivateKey.Text).ToLower();
                    if ((Ext == ".pem") || (Ext == ".pvk"))
                    {
                        if (!InputBox.RequestPassword("Enter password", "Enter password for private key", ref Pwd))
                        {
                            Stream.Close();
                            return;
                        }
                        if (Ext == ".pem")
                            Request.SaveKeyToStreamPEM(Stream, Pwd);
                        else
                            SBX509.Unit.RaiseX509Error(Request.SaveKeyToStreamPVK(Stream, Pwd, true));
                    }
                    else
                        Request.SaveKeyToStream(Stream);
                }
                finally
                {
                    Stream.Close();
                }
            }
            catch {
                MessageBox.Show("Failed to save private key for Certificate Signing Request");
                return;
            }
            this.DialogResult = DialogResult.OK;
            this.Close();
        }


We are really sorry for wasting your time with that.
#12766
Posted: 03/11/2010 06:53:39
by neil young (Standard support level)
Joined: 11/05/2007
Posts: 96

No, you don't really waste my time :) I really appreciate all what your'e doing here :)

Thanks for the fix. Add Q: Is it required to produce the CSR based on a given root certificate? I mean: Is the menu "Create CSR" equivalent to the right mouse "Create CSR" for a given root cert? You see, I have no idea of all this :)

Regards
#12767
Posted: 03/11/2010 07:39:15
by Ken Ivanov (EldoS Corp.)

No, the CSR is completely independent of the root certificate that is to be used for issuing a corresponding certificate. That is, both pop-up and main menu entries are equal.
#12768
Posted: 03/11/2010 07:42:15
by neil young (Standard support level)
Joined: 11/05/2007
Posts: 96

Thanks again :)
Regards
#12769
Posted: 03/11/2010 13:37:46
by neil young (Standard support level)
Joined: 11/05/2007
Posts: 96

OK, now I have my CSR. Say, I want to act as a CA and need to sign the CSR. What API would I have to use for this?

Kind regards
#12770
Posted: 03/11/2010 13:48:01
by Ken Ivanov (EldoS Corp.)

One of TElX509Certificate.Generate() methods accepts TElCertificateRequest object as parameter. Use this method to generate a certificate basing on the existing request.
#12771
Posted: 03/11/2010 13:51:29
by neil young (Standard support level)
Joined: 11/05/2007
Posts: 96

Hmm. X is > v. 5 I guess?
#12772
Posted: 03/11/2010 13:52:56
by neil young (Standard support level)
Joined: 11/05/2007
Posts: 96

BTW: I would like to discuss some license issues with you, via mail possible? If yes, please send me your mail address to neil dot young at freenet dot de.

Thanks.
#12773
Posted: 03/11/2010 14:24:26
by Eugene Mayevski (EldoS Corp.)

Answered in HelpDesk


Sincerely yours
Eugene Mayevski
Also by EldoS: Solid File System
A virtual file system that offers a feature-rich storage for application documents and data with built-in compression and encryption.

Reply

Statistics

Topic viewed 2834 times

Number of guests: 1, registered members: 0, in total hidden: 0




|

Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!