About Public-Key
jialiang li
Version: pcANYWHERE32 8.0
Operating system: Windows NT 4.0 SP3
Hi, Roy:
Thanks for your message.
I still have problem to use public-key encryption. I hope you can
give me a help.
I obtained a private Digital ID for two computers. I also can send
encrypted
Email message, so it seems that the Keys have been installed
properly.
I met the following problems:
1. After I downloaded the other computer's public Digital ID key, the
saved file is
a file with extension name .p7c, not .exe (like the documentation
says).
2. When I convert the public Digital ID key from PKCS#7 format to a
certificate store,
according to the documentation, the command line is
certcons PCA.store <name of a public key certificate>
here <name of a public key certificate> means the downloaded file
"ming.p7c",
or the certificate common name? So the command line should be
certcons PCA.store ming.p7c ????
3. Must the file PCA.store be stored in the directory C:\program
files\pcANYWHERE ?
4. In the Security Options tab, what we should type in for the
Certificate common
Name? For example, the name I gave is "mike nour", but when I install
the key, it shows
me the name as "mike nour's VeriSign, Inc. ID", which one should be
used?
When I tried to connect using public-key encryption, I got the
following error
message:
Host's certificate common name could not be found in the remote
certificate store.
5. In the private key containner, I typed one wrong word before, but
now I can not change
it any more. It will also cause problem for the connection by
public-key encryption?
Sorry for so many questions! I really appreciate your any help!!
Jialiang
Roy Susuico (Symantec)
On 25 Sep 1998 21:07:43 GMT, jialiang li wrote:
>1. After I downloaded the other computer's public Digital ID key, the
>saved file is
>a file with extension name .p7c, not .exe (like the documentation
>says).
>
>2. When I convert the public Digital ID key from PKCS#7 format to a
>certificate store,
>according to the documentation, the command line is
>
> certcons PCA.store <name of a public key certificate>
>
> here <name of a public key certificate> means the downloaded file
>"ming.p7c",
>or the certificate common name? So the command line should be
>
> certcons PCA.store ming.p7c ????
This is correct.
>3. Must the file PCA.store be stored in the directory C:\program
>files\pcANYWHERE ?
This is the preferred method, however, it doesn't matter where PCA.STORE is
located.
>4. In the Security Options tab, what we should type in for the
>Certificate common
>Name? For example, the name I gave is "mike nour", but when I install
>the key, it shows
>me the name as "mike nour's VeriSign, Inc. ID", which one should be
>used?
>
>
> When I tried to connect using public-key encryption, I got the
>following error
>message:
>
> Host's certificate common name could not be found in the remote
>certificate store.
This error message is due to the names not matching. The Certificate name
should match the name used when installed. This would be "mike nour's
VeriSign, Inc. ID".
>5. In the private key containner, I typed one wrong word before, but
>now I can not change
>it any more. It will also cause problem for the connection by
>public-key encryption?
This setting can be modified within the Registry. Use REGEDIT and modify
the following:
For Windows NT:
HKEY_CURRENT_USER\Software\Microsoft\Cryptography\MachineKeys
Good luck and please let me know if I can be of further assistance.
----------
Roy Susuico [Symantec Corp.]
Please continue to post your messages to the public discussion groups as
Symantec does not provide support via private email.
If you have difficulty getting a response, please read the following
article:
http://service1.symantec.com/SUPPORT/sharedtech.nsf/docid/1998527114414
For free technical support newsletters, Knowledge Base support articles,
our Online Support Genie, and FAQs, visit our pcANYWHERE support page:
http://www.symantec.com/techsupp/pca.html
jialiang Li
Version: pcANYWHERE32 8.0
Operating system: Windows NT 4.0 SP3
Hi, Roy:
I got headache about pcANYWHERE. The public-key encryption still
does not work.
In this message, I want to report what I did, so it will be clear for
you to give me a
suggestion.
In Remote:
1. Obtain a private
2. Download the Host machine's public key, and save it as file
steve.p7c
3. convert the public key to certificate store by the following
command line:
certcons steve.store steve.p7c
4. Configure pcANYWHERE32 8.0
File menu->system setup->Cryptographic Certificate Store
->C:\temp\pcanyw\steve.store
5. Right-click on a Remote connection item ->properties
->Security Option
->Public Key
6. Private Key Container ???????
7. Certificate Common Name -> steve li
In Host:
1. Obtain a private
2. Download the Remote machine's public key, and save it as file
ming.p7c
3. convert the public key to certificate store by the following
command line:
certcons ming.store ming.p7c
4. Configure pcANYWHERE32 8.0
File menu->system setup->Cryptographic Certificate Store
->C:\temp\pcANYWHERE\ming.store
5. Right-click on a Remote connection item ->properties
->Security Option
->Public Key
6. Private Key Container ???????
7. Certificate Common Name -> ming yang
The error message is the same as before:
Host's Common Name could not be found in the Remote's
Certificate store.
Two Known problems:
1. When I got the private key for each machine, I had not been
asked to enter a name for the private
key ( I have tried for several times, not like the instruction
says). So I can not do any thing about
Private key Container. Also in the Registry, I can not find
any information in the directory as you
pointed:
HKEY_CURRENT_USER\Software\Microsoft\Cryptograph\
2. For the step 3 above, I also tried the following command line:
certcons ming.store ming.p7c steve.p7c
So I put two public-keys in the same Certificate Store
ming.store, and configure pcANYWHERE in both
machines to point to C:\temp\pcanyw\ming.store, but it did not work
either.
Could you read my message carefully, and give me a help?
Thank you very much!
Regards,
Jialiang