Https SHA1RSA x SHA256RSA

#21195
Posted: 08/27/2012 05:50:27
by Eduardo Helminsky (Standard support level)
Joined: 08/20/2010
Posts: 102

Eugene

I have tried the suggestion to load the certificate directly from the PFX file but the problem is the same.

I am using Windows XP SP 3 with the hotfix 968730 (to use the SHA256RSA algorithm).

Why does the C# app work well (this is not my application but a demo from another supplier) and certificates with SHA1RSA work in my application?

I have tried to run this application on Windows 7 32 bits but it does not work either.
#21196
Posted: 08/27/2012 05:58:01
by Vsevolod Ievgiienko (EldoS Corp.)

Hello.

Please check the result of the LoadFromStreamPFX function. It should be 'zero' for a successful call and contain an error code otherwise.
#21201
Posted: 08/27/2012 08:53:09
by Eduardo Helminsky (Standard support level)
Joined: 08/20/2010
Posts: 102

Vsevolod

Yes, it results in "zero".

I don't know if it is important, but I installed the certificate on a machine and then exported it to create the PFX file.

I did it in Internet Explorer and checked the option to "include all certificates in the hierarchy" (I don't know how it is written in English because I am using the Portuguese version).
#21203
Posted: 08/27/2012 09:33:59
by Eugene Mayevski (EldoS Corp.)

After loading the certificate please check if its PrivateKeyExists property is true. This will ensure that the private key was exported from Windows Certificate Storage as well.


Sincerely yours
Eugene Mayevski
#21206
Posted: 08/27/2012 10:08:45
by Eduardo Helminsky (Standard support level)
Joined: 08/20/2010
Posts: 102

Eugene

Delphi XE Update 1, SSB 9.16, running Windows XP SP3

Sorry to bother you, but why not use Windows Storage? I have used the code below, but I have situations with A3 certificates and SHA256RSA and I would not use this approach.

Code
var nI: Integer;
    FS: TFileStream;
begin
     FS := TFileStream.Create('c:\certificate.pfx', fmOpenRead);
     try
        // LoadFromStreamPFX returns 0 on success, an error code otherwise
        nI := FMemCert.LoadFromStreamPFX(FS, 'password');
        if nI = 0 then begin
           beep;   // <<---- It happens
        end;
        FCert := FMemCert.Certificates[0];
        // True only if the private key was exported along with the certificate
        if FCert.PrivateKeyExists then begin
           beep;   // <<---- It happens
        end;
     finally
        FS.Free;
     end;
end;
#21207
Posted: 08/27/2012 10:31:36
by Eugene Mayevski (EldoS Corp.)

It is important to figure out what exactly causes the operation to fail. As we don't have a certificate and can't reproduce the problem, all we can do at the moment is to narrow down the problem. However, I don't see what else we can try without reproducing the problem locally.

Is there a chance to have some test certificate to connect to the web server in question? If this is possible, you can post such a test certificate to the HelpDesk - this is confidential.


Sincerely yours
Eugene Mayevski
#21217
Posted: 08/28/2012 05:51:59
by Eduardo Helminsky (Standard support level)
Joined: 08/20/2010
Posts: 102

I have sent a project to reproduce the problem to the HelpDesk.

Let me know if you need more details.
#23363
Posted: 02/07/2013 19:43:52
by Leonardo Herrera (Standard support level)
Joined: 02/14/2011
Posts: 66

Was there any resolution to this problem? I'm having the same issue here with one certificate under Windows 7. My own certificate under Windows 8 works.
#23364
Posted: 02/07/2013 23:24:05
by Eugene Mayevski (EldoS Corp.)

Those were bugs in the server, which behaved badly (it didn't accept the chain but only a single certificate, compared the serial number of the certificate instead of validating it, etc.).


Sincerely yours
Eugene Mayevski
#23666
Posted: 02/22/2013 17:14:26
by Leonardo Herrera (Standard support level)
Joined: 02/14/2011
Posts: 66

Okay - in my case it was my mistake. I had failed to assign the "ClientCertStorage" property, and had used "CertStorage" by mistake. Correcting this made my project work.

It is worth mentioning that, under Windows 8, it worked anyway. But Windows 7 and XP failed.