How to create a certificate request with CertEnroll (ASP)


Hi all,


The other day I posted a JavaScript sample which shows how to use the CertEnroll COM component to create a certificate request and install the response from the CA (Certificate Authority): How to create a certificate request with CertEnroll (JavaScript).


The installation part of that sample assumed that we got a Base64 text with the response from the CA. But what if, for example, we send the request to a server, the server gets a binary .p7b or .cer file with the response from the CA, and we want to install that response on the client that requested the certificate in the first place?


The following ASP sample shows how to install on the client the .p7b/.cer binary file that the server got with the response from the CA:


 

<%
' Convert binary to Base64

Function BinaryToBase64(binary)
    ' Create temporary node with Base64 data type
    Set oXmlDom = CreateObject("microsoft.xmldom")
    Set oElement = oXmlDom.createElement("tmp")
    oElement.dataType = "bin.base64"
    ' Set bytes, get encoded String
    oElement.nodeTypedValue = binary
    BinaryToBase64 = oElement.text
End Function

' Read file into buffer

Function ReadBinaryFile(FileName)
    Const adTypeBinary = 1
    ' Create Stream object
    Dim BinaryStream
    Set BinaryStream = CreateObject("ADODB.Stream")
    ' Specify stream type - we want to get binary data
    BinaryStream.Type = adTypeBinary
    ' Open the stream
    BinaryStream.Open
    ' Load the file data from disk into the stream object
    BinaryStream.LoadFromFile FileName
    ' Get the binary data from the stream, then release it
    ReadBinaryFile = BinaryStream.Read
    BinaryStream.Close
End Function

' Read binary file as Base64

FileName = "C:\temp\certnew.p7b"
'FileName = "C:\temp\certnew.cer"
sPKCS7 = BinaryToBase64(ReadBinaryFile(FileName))

' Be careful with line feeds in the Base64 string: a JavaScript string
' literal cannot span lines, so emit it as "line1" + "line2" + ... + "lineN"

strings = split(sPKCS7, chr(10))
sPKCS7 = """"
for i = 0 to ubound(strings) - 1
    sPKCS7 = sPKCS7 + strings(i) + """ + """
next
' After the loop, i = ubound(strings), so this appends the last line
sPKCS7 = sPKCS7 + strings(i) + """"

%>

<html>
<head>
<title>Certificate Request test</title>
</head>
<body>
<object id="objCertEnrollClassFactory" classid="clsid:884e2049-217d-11da-b2a4-000e7bbb2b09"></object>
<script language="javascript">

function InstallCert()
{
    document.write("<br>Installing certificate...");

    try {
        // Variables
        var objEnroll = objCertEnrollClassFactory.CreateObject("X509Enrollment.CX509Enrollment");

        objEnroll.Initialize(1); // ContextUser
        objEnroll.InstallResponse(4, <%=sPKCS7%>, 1, ""); // AllowUntrustedRoot = 4, XCN_CRYPT_STRING_BASE64 = 1
    }
    catch (ex) {
        document.write("<br>" + ex.description);
        return false;
    }

    document.write("<br>Done!");

    return true;
}

InstallCert();

</script>

</body>
</html>
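
The sample above assumes the file from the CA is binary (DER). If the .cer/.p7b was saved Base64 encoded instead, encoding it again yields Base64 of text rather than of the certificate. The following is an added example, not part of the original sample: a Node.js version of the server-side step that accepts either form and emits one line of Base64 as a quoted JavaScript literal. The function names and sample bytes are hypothetical and constructed for illustration.

```javascript
// Added example, Node.js. Function names and sample data are hypothetical.

// Constructed sample: DER for SEQUENCE { INTEGER 5 }, standing in for a real
// certificate or PKCS #7 blob (both start with the SEQUENCE tag 0x30).
const SAMPLE_DER = Uint8Array.from([0x30, 0x03, 0x02, 0x01, 0x05]);
// The same bytes as a Base64-encoded file with PEM armour and CRLF line ends.
const SAMPLE_PEM =
  "-----BEGIN CERTIFICATE-----\r\nMAMC\r\nAQU=\r\n-----END CERTIFICATE-----\r\n";

// Return the CA response as a single line of Base64, whichever way it was saved.
function toInstallableBase64(fileBytes) {
  const buf = Buffer.from(fileBytes);
  if (buf.length > 0 && buf[0] === 0x30) {
    // Binary (DER) file: encode once. Buffer emits no line breaks.
    return buf.toString("base64");
  }
  // Text file: drop PEM armour and all whitespace, then validate strictly.
  const text = buf
    .toString("latin1")
    .replace(/-----(BEGIN|END) [A-Z0-9 ]+-----/g, "")
    .replace(/\s+/g, "");
  const looksBase64 =
    text.length > 0 && text.length % 4 === 0 && /^[A-Za-z0-9+/]+={0,2}$/.test(text);
  if (!looksBase64) {
    throw new Error("file is neither DER nor Base64 text");
  }
  // The decoded payload must itself be DER, otherwise it is not a
  // certificate or PKCS #7 structure.
  if (Buffer.from(text, "base64")[0] !== 0x30) {
    throw new Error("Base64 payload does not decode to a DER SEQUENCE");
  }
  return text;
}

// Quote the value as one JavaScript string literal for the generated page.
function toJsLiteral(base64) {
  return JSON.stringify(base64);
}

console.log(toJsLiteral(toInstallableBase64(SAMPLE_DER)));
console.log(toJsLiteral(toInstallableBase64(SAMPLE_PEM)));
```

Because the result is validated against the Base64 alphabet and has no line breaks, it can be written into the page as a single literal with no per-line concatenation.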


I hope this helps.


Regards,


 


Alex (Alejandro Campos Magencio)
