Welcome to MSDN Blogs Sign in | Join | Help

Decrypt my World

Cryptography, Security, Debugging and more!

News

  • Any of my posts is supported under any Microsoft standard support program or service. They are provided "AS IS" without warranty of any kind, and confer no rights.

Where are my readers?

Locations of visitors to this page

Favorite Posts

CertEnroll::CX509Enrollment::p_CreateRequest returns error 0x800b0112

Hi all,

One of the issues we may find when trying the code in my post How to create a certificate request that uses key archival with CertEnroll (JavaScript) is the following error when creating the request: 

CertEnroll::CX509Enrollment::p_CreateRequest: A certification chain processed correctly, but one of the CA certificates is not trusted by the policy provider. 0x800b0112 (-2146762478)

This issue can occur if the CA certificate is not in client's Enterprise NTAuth store. The local NTAuth store can be manually populated using the utility certutil.exe:

Certutil -enterprise -addstore NTAuth CaCertificate.cer

More info here:

How to import third-party certification authority (CA) certificates into the Enterprise NTAuth store

I hope this helps.

Regards,

Alex (Alejandro Campos Magencio)

Posted: Thursday, May 28, 2009 10:44 AM by alejacma
Filed under:

Comments

David Wilson said:

If the requests fails and I try and run it again.  It fails because objPrivateKey exists.  How can I delete the key?

# September 9, 2009 11:25 AM
Leave a Comment

(required) 

(required) 

(optional)

(required) 

  
Enter Code Here: Required

Comment Notification

If you would like to receive an email when updates are made to this post, please register here

Subscribe to this post's comments using RSS

Page view tracker