Wednesday, June 20, 2012 4:57 AM
When I use a self-signed certificate created through IIS I see the Key usage fields as
Data Encipherment and Key Encipherment.
All of the TLS/SSL connects successfully.
When I use a public CA certificate, where the key usage field is either missing or does not contain both Data Encipherment and Key Encipherment, the call to AcceptSecurityContext fails with
# for hex 0x80090308 / decimal -2146893048
# The token supplied to the function is invalid
# for hex 0x80090326 / decimal -2146893018
What Key usage attributes are required by AcceptSecurityContext on the provided Certificate?
I have not been able to find any clear documentation on the required key usage on a certificate.
Thanks in advance for any assistance in this matter.
Wednesday, August 08, 2012 5:34 AM
With the third-party SSL certificates, InBuffer.SetSecurityBufferToken(0, data, len); has a len of around 2K.
The buffer provided was 1K, the length test prior to reading threw an error on the second iteration at the socket on the other end.
This passed an abort to my end.
The reason the call was failing on the 3rd party SSL certificates is because reading the socket for the key exchange values failed. Not a buffer overflow, but obtuse error reporting.
- Marked As Answer by ghunt Wednesday, August 08, 2012 5:34 AM
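Added example, not part of the original thread: the failure described in the answer, a roughly 2K handshake token read through a 1K buffer, can be avoided by sizing reads from the 5-byte TLS record header and accumulating until the whole record has arrived before handing it to AcceptSecurityContext. The names `tls_record_size`, `rx_buf`, `rx_feed` and `demo_reads_needed` are hypothetical, and the sample record is constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define TLS_HDR_LEN 5
#define TLS_MAX_PAYLOAD (16384 + 2048)  /* TLS 1.2 ciphertext limit */

/* Size of the first TLS record in buf (header + payload); 0 if the
 * 5-byte header has not fully arrived; -1 if it is not a TLS header. */
long tls_record_size(const uint8_t *buf, size_t have)
{
    if (have < TLS_HDR_LEN) return 0;
    if (buf[0] < 20 || buf[0] > 23 || buf[1] != 3) return -1; /* type, major version */
    size_t payload = ((size_t)buf[3] << 8) | buf[4];
    if (payload > TLS_MAX_PAYLOAD) return -1;
    return (long)(TLS_HDR_LEN + payload);
}

/* Hypothetical receive buffer sized for the largest legal record. */
typedef struct { uint8_t data[TLS_HDR_LEN + TLS_MAX_PAYLOAD]; size_t used; } rx_buf;

/* Append one socket read. 1 = record complete, 0 = read more, -1 = reject. */
int rx_feed(rx_buf *rx, const uint8_t *chunk, size_t n)
{
    if (n > sizeof rx->data - rx->used) return -1;
    memcpy(rx->data + rx->used, chunk, n);
    rx->used += n;
    long need = tls_record_size(rx->data, rx->used);
    if (need < 0) return -1;
    return need != 0 && rx->used >= (size_t)need;
}

/* Constructed sample: one 2048-byte handshake record read 1 KB at a time.
 * Returns how many reads it took to assemble the record, or -1. */
int demo_reads_needed(void)
{
    static const uint8_t wire[TLS_HDR_LEN + 2048] = {22, 3, 1, 0x08, 0x00};
    static rx_buf rx;
    int reads = 0;
    rx.used = 0;
    for (size_t off = 0; off < sizeof wire; off += 1024) {
        size_t left = sizeof wire - off;
        int r = rx_feed(&rx, wire + off, left < 1024 ? left : 1024);
        reads++;
        if (r != 0) return r == 1 ? reads : -1;
    }
    return -1;
}

int main(void) { return demo_reads_needed() == 3 ? 0 : 1; }
```

A return of 0 from `rx_feed` means "keep reading", which is the case the 1K length test in the thread turned into an abort.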