Ureader.com  
Microsoft software help and Community
   home   |   control panel login   |   archive   |  
 
platform
active.directory
adsi
adsi.iis-admin
base
com_ole
complus_mts
component_svcs
database
directx
gdi
graphics_mm
internet.client
internet.server
internet.server.isapi-dev
localization
mapi
messaging
msi
mslayerforunicode
multimedia
networking
networking.ipv6
sdk_install
security
shell
telephony.tapi_2
telephony.tapi_3
telephony.tsp
telephony.wte
tools
ui
ui_shell
win_base_svcs
win16
  
 
date: Wed, 11 Jun 2008 05:36:01 -0700 (PDT),    group: microsoft.public.platformsdk.security        back       


How to change the subject of a Request in a MS CA custom policy module?    
Hello,

I try to build my first custom policy module.
The reason ist that we want to set all DN of a certain certificate
type (webserver certs) according to a template.
As we issue these certs for all kinds of servers (IIS, apache, tomcat,
etc.) we cannot control the creation of the request, but have to live
with the pkcs10-requests that are sent to our CA (MS Server 2003 R2
EE).

I tried to gather all Information I need in order to implement this
and came up with the following:
use a custom policy module, that works like this:
- if the certificate has an extended Key Usage for
WebServerauthentication
- then change the certificate subject according to the template cn=<cn
in request>, o=ourCompany, c=<c in request>

So when I work my way through the documentation on msdn I hit several
questions:
- how can I find out about the extended Key Usage ? Is
GetCertificateExtension the right way? what would be the
strExtensionName?
- the subject seems only to be setable in pieces, not as a whole. Can
I delete pieces with SetCertificateProperty ?

Hoping for many answers,

Alexander Jung
date: Wed, 11 Jun 2008 05:36:01 -0700 (PDT)   author:   unknown

Google
 
Web ureader.com


    COPYRIGHT 2007, YARDI TECHNOLOGY LIMITED, ALL RIGHT RESERVE  |   contact us