Unable to see certificate key usage RRS feed

  • Question

  • HI,

    I'm using BTS2006R2 with SP1 installed on a Win2003 machine.

    I am trying to assign a certificate to a party.  I can click on "Browse" and see the certificate, but when I check the certificate properties the listing of the purposes is blank.  This may be causing me issues with AS2 signing and encryption.

    I have a screen shot that I can email if necessary.



    Thursday, July 29, 2010 6:07 PM

All replies

  • Hi Mike, 

    Have the certificate been created using makecert utility??


    Note: Makecert does not allow you to specify Key Usage extension. You can only specify Enhanced Key Usage extension [eky]. While creating a certificate using makecert For S/MIME usage and a self-signed certificate and to douse this issue, it is best to specify an AT_KEYEXCHANGE type of key and ClientAuthentication eku with makecert like so:

    makecert ..... -sky exchange -eku

    This will definitely work for both S/MIME (signed and encrypted email and messages) and web-site client authentication provided your authenticating app trusts your certificate (since it is self-signed).

    If you want to make a certificate with these Key Usage, you can create a Certificate Template with these key usage and any certificate generated using this Template will surely have these key usage. Use Certificate Authority for Enterprise Root CA.


    Best Regards, Vishnu
    Friday, July 30, 2010 4:26 AM
  • Hi,

        This might be an issue with BTS 2006 R2Sp1. Please open a SR to your microsoft Biztalk support.





    If this answers your question, please mark it as "Answered".
    Friday, July 30, 2010 4:50 AM
  • Hi,

    I don't think it's related to my machine.  I started "MSDN Virtual Lab Express: What's New in BizTalk Server 2006", imported my public cert, and then tried to set it to a party.  The certificate purposes are blank here too.



    Friday, July 30, 2010 4:42 PM