Vadims Podans
Vadims Podans
Yes, it is doc bug. In your case, last parameter should be `$false`. `$true` is necessary only when lookup for: - certificate templates - custom application policies (or EKU) -...
> https://www.pkisolutions.com/tools/pspki/Set-OnlineResponderProperty/ The `-AuditFlag` parameter this parameter enables only OCSP audit. This doesn't affect CA audit setting.
This is a known issue when private key is stored in KSP. There is an issue with the way how .NET imports the PFX and making it exportable — it...
Reopening this. There is a chance to get this working for certificates installed in store, rather than PFX.
I think this is a different issue. The error is thrown from LDAP accessor. It may indicate that CA has assigned a certificate template which no longer exist in Active...
then it is something with AD. Here is where `CATemplate` attempts to find the certificate template in AD: https://github.com/PKISolutions/pkix.net/blob/f77ec6d1e4d23ac87a6a427b835724839b10f856/PKI/CertificateServices/CATemplate.cs#L77 and the exception is most likely thrown there.
Fair enough. However, this in most cases is kind of tricky, because private key must have `NCRYPT_ALLOW_PLAINTEXT_EXPORT_FLAG` flag enabled and which is not always set for exportable key. That is,...
you are right, the delay is caused by signature validation routine, which builds the chain and contact internet to get revocation info from public CA. However, this should not be...
Have you tried to specify your smart card vendor KSP instead of Microsoft one?
Have you tried this provider: Microsoft Platform Crypto Provider? Unlike software KSP, Microsoft Smart Card Key Storage Provider is abstract provider and has no default implementation. On a system, you...