login about faq

Hi all, and thank you for reading my post. I'm running an application in Terminal Services RemoteApp that requires a digital certificate to be installed. User profiles are reset every day, so in order for the application to run, I have to re-install the .pfx certificate. If I install the .pfx manually, my application detects that the certificate is installed and runs, but if I install the .pfx file using ChilkatPFX, my application doesn't detect the digital certificate.

Can you guys give me any hint on what I'm doing wrong?

Here's the FoxPro code that I'm using

Local loPFX
Local lnSuccess
TRY
loPFX=CreateObject("Chilkat.pfx")
loPFX.UnlockComponent('MyLicenceKey')
pfxFilename="\\srv-phc-01\Certificados\saphety.pfx"
password="MyPassword"
machineKeyset=1
localMachineCertStore=0
markExportable=1
useWarningDialog=0
lnSuccess=loPFX.ImportPfxFile(pfxFilename, password, machineKeyset, localMachineCertStore, markExportable, useWarningDialog)

if lnSuccess=0
    user_SendLOG("Certificado Saphety", loPFX.LastErrorText)
Else
    user_SaveLog("Certificado Saphety", loPFX.LastErrorText)
    Endif

CATCH TO ex
    user_SendLOG("Certificado Saphety", ex.message)
ENDTRY

And here's the LastErrorText:

ChilkatLog:
  ImportPfxFile:
    DllDate: Mar 26 2010
    Username: MyUser
    filename: \\srv-phc-01\Certificados\saphety.pfx
    machineKeyset: 1
    localMachine: 0
    exportable: 1
    warningDialog: 0
    Loaded the PFX file into memory...
    Password verified.
    adding_cert: Certificate Root 03, Trusted Services SA
    cert_store_location: (registry) HKEY_CURRENT_USER/[Current User Certificate Store]
    Successfully added certificate to certificate store.
    adding_cert: Certificate 05, Trusted Services SA
    cert_store_location: (registry) HKEY_CURRENT_USER/[Current User Certificate Store]
    Successfully added certificate to certificate store.
    adding_cert: MyCompany Certificate, My Company SA
    cert_store_location: (registry) HKEY_CURRENT_USER/[Current User Certificate Store]
    Successfully added certificate to certificate store.

asked Feb 19 '13 at 05:44

mpsoares's gravatar image

mpsoares
1112

edited Feb 19 '13 at 05:52


The import appears to be successful to the Current User certificate store. Some ideas:

  1. Maybe you need to use the Local Machine certificate store (localMachineCertStore=1).
  2. If you really want to use the current user store, you need to confirm that your app is running under the expected user account so that the Current User store matches your desired user store.
link

answered Feb 19 '13 at 10:50

jpbro's gravatar image

jpbro ♦
1.1k2618

Hi jpbro, thanks for your answer.

1) I tried Local Machine Certificate Store, but it returns 0-"Access Denied", although I'm running this as machine administrator on my development environment. Final users accessing the application via RemoteApp will not be administrators.

ChilkatLog:
ImportPfxFile:
DllDate: Mar 26 2010
Username: MyUser
filename: \\srv-phc-01\Certificados\saphety.pfx
machineKeyset: 1
localMachine: 1
exportable: 1
warningDialog: 0
Loaded the PFX file into memory...
Password verified.
Access is denied.
Failed to open Local Machine Certificate Store read/write

2) This is for sure :) The app is always running under the expected user account.

I tried a different approach to install the .pfx file and the result is the same, so it's not Chilkat's fault that its not working. I made a simple VBScript to run on users logon. I can't find any reason why it works when installed manually, and it doesn't work when installed via Chilkat or VBScript :(

Set oShell = CreateObject ("Wscript.Shell")
Dim strArgs
strArgs = "certutil -f -user -p ""pass"" -importpfx ""\\srv-phc-01\certificados\saphety.pfx"" NoRoot"
oShell.Run strArgs, 0, false
link

answered Feb 19 '13 at 12:50

mpsoares's gravatar image

mpsoares
1112

1

The fact that you get an Access Denied error indicates to me that there is a permissions problem on your local machine certificate store. Maybe the Modifying the Access Permissions section of this CK article is relevant: http://www.chilkatsoft.com/p/p_309.asp ?

I also wonder if the script and/or FoxPro code is really running under the user that you want it to...maybe you could add some debugging code to output the current user name within your code would prove this one way or another?

(Feb 19 '13 at 15:39) jpbro ♦
1

Also, I recommend you try the latest version of the ChilkatPfx DLL - the DLLDate should be Dec 12, 2012 in your last error text. Maybe there is a bug that has been fixed since 2010?

(Feb 19 '13 at 18:36) jpbro ♦

Thank you for your time and help. This doesn't seem like a Chilkat issue. I mean, I've tried several different methods to install the .pfx and none worked (except installing it manually as I said), so I guess it's some kind of weird voodoo nonsense going on with my ERP software. We're waiting for an answer from my software provider. Thanks again :)

link

answered Feb 22 '13 at 06:34

mpsoares's gravatar image

mpsoares
1112

Glad to help, and I hope that your software provider will be of actual assistance! If you can, please post your results back when you have a solution, as I'm curious to know what is going wrong. Thanks!

(Feb 22 '13 at 07:12) jpbro ♦
Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or __italic__
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Tags:

×48
×7
×1

Asked: Feb 19 '13 at 05:44

Seen: 1,616 times

Last updated: Feb 22 '13 at 07:12

powered by OSQA