[Bug 11070] importpfx fails, needs PFXImportCertStore

wine-bugs at winehq.org wine-bugs at winehq.org
Tue Jan 19 19:51:49 CST 2010 

http://bugs.winehq.org/show_bug.cgi?id=11070


Kenneth Robinette <support at securenetterm.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |support at securenetterm.com




--- Comment #16 from Kenneth Robinette <support at securenetterm.com>  2010-01-19 19:51:48 ---
(In reply to comment #15)
> I get the same error with wine 1.1.24.
> with overriding crypt32.dll and msasn1.dll it seems to be possible to import an
> pfx with importpfx.exe.
> but as I could test, the certificate does not work, altough I can see it listed
> in the store.
> I've also tried winhttpcertcfg.exe to import an pfx, with overrided dlls it
> always tells me that the path, filename or password of the pfx is not correct,
> without overriding the dlls it dies with:
> Microsoft (R) WinHTTP Certificate Configuration Tool
> Copyright (C) Microsoft Corporation 2001.
> Error:  Unable to open PFX file
> fixme:crypt:CRYPT_MemCloseStore Unimplemented flags: 00000001
> fixme:crypt:CRYPT_RegCloseStore Unimplemented flags: 00000001
> fixme:crypt:CRYPT_MemCloseStore Unimplemented flags: 00000001
> any ideas?
> thanks!
> kind regards, Alois

In order to test the SSH certificate authentication in our SNeTerm product, I
wrote a .pfx/p12 import utility and used the default wine crypt32.dll.  I was
able to import successfully into the MY and ROOT certificate stores.

I also was able to successfully authenticate using the certificates with the
SSH Data Communications Tectia server (which was setup to use a host
certificate and client certificate authentication).

The testing was done on a Redhat x86_64 Enterprise 5 system using wine 1.1.36.

So, it would appear that the only thing left to do for the normal wine
Microsoft certificate import wizard is to fix the logic to read the .pfx/.p12
certificate file and build the required data structures to call:

CryptImportKey()
CertAddEncodedCertificateToStore()
// For Friendly Name
CertSetCertificateContextProperty()
// If certificate is to be copied to hardware device
CryptSetKeyParam()

-- 
Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email
Do not reply to this email, post in Bugzilla using the
above URL to reply.
------- You are receiving this mail because: -------
You are watching all bug changes.

More information about the wine-bugs mailing list