Allow requesting a specific signature key on a certification authority

The Microsoft Certification Authority always signs certificates using the key associated with the most recent Certification Authority Certificate. The signing certificate for an OCSP response should be in accordance with RFC 6960 but signed by the same key as the certificate to be verified:

The CA SHOULD use the same issuing key to issue a delegation certificate as that used to sign the certificate being checked for revocation.

https://tools.ietf.org/html/rfc6960#section-4.2.2.2

However, if the certification authority certificate is renewed and a new key pair is used in the process, it is necessary for the online responder to continue to maintain valid signature certificates for the certificates issued with the previous certification authority certificate, since these are ultimately still valid and must be checked for revocation.

Continue reading „Die Beantragung eines bestimmten Signaturschlüssels auf einer Zertifizierungsstelle erlauben“

Certificate request fails with error message "The system cannot find the file specified. 0x80070002 (WIN32: 2 ERROR_FILE_NOT_FOUND)".

Assume the following scenario:

  • A certificate request is sent to a certification authority.
  • The certificate request fails with the following error message:
Error Parsing Request The system cannot find the file specified. 0x80070002 (WIN32: 2 ERROR_FILE_NOT_FOUND)
Continue reading „Die Beantragung eines Zertifikats schlägt fehl mit Fehlermeldung „The system cannot find the file specified. 0x80070002 (WIN32: 2 ERROR_FILE_NOT_FOUND)““
en_USEnglish