locked
Certificate Signing Request Tool

    Question

  • Hi All,

    Currently there is a requirement in our application for creating a SSL Certificate Signing Request (CSR) message. Is it possible to develop one on .Net Framework 3.5 Some of the websites lilke Verisign do not mention any such procedure where they say that a custom tool is available apart from OpenSSL but they basically have provided a list all the webservers where their Digital Certificates are compatible and the instructions which say how the CSR's can be generated on these web servers. 

    I understand that the CSR contain the Web Server's public key, organization information and a unique match for server's private key.

    The certificates issued by the Certifying Authority  is used for Cient/Server authentication over TCP/IP.

    Look forward for some replies

    Thanks

    Wednesday, May 12, 2010 8:51 AM

Answers

  • Hi All,

    The .net framework provides the XenRollLob.dll for XP and lower versions and CertEnrollLib.dll & CertMgr.dll for Vista/2008 server and higher versions. Using these we have developed the Certificate Signing Request tool. 

    Thanks,

    Srital

     

     

    • Marked as answer by EssP Wednesday, August 25, 2010 11:16 AM
    Wednesday, August 25, 2010 11:15 AM

All replies

  • If you need to generate CSRs (once or from time to time), take a look at free Crypto4 PKI tools, which include certificate and CSR generator.
    Wednesday, May 12, 2010 1:39 PM
  • Thanks Eugene, this tool is useful which generates the CSR. But the requirement that currently I have is to develop this tool itslef (that is something similar to Crypto4 PKI, but only the CSR geenration part) Can this has to be done using the .Net Framework 3.5 would there be any dependency on the web server's that are currently running on the machines ?

    Thanks

    Thursday, May 13, 2010 12:26 PM
  • Don't know about .NET Framework capabilities in this aspect. Crypto4 PKI uses SecureBlackbox for all operations.
    Thursday, May 13, 2010 2:39 PM
  • Hi All,

    The .net framework provides the XenRollLob.dll for XP and lower versions and CertEnrollLib.dll & CertMgr.dll for Vista/2008 server and higher versions. Using these we have developed the Certificate Signing Request tool. 

    Thanks,

    Srital

     

     

    • Marked as answer by EssP Wednesday, August 25, 2010 11:16 AM
    Wednesday, August 25, 2010 11:15 AM