How to create a certificate request with CertEnroll (ASP)

Hi all,

The other day I posted a JavaScript sample which shows how to use the CertEnroll COM component to create a certificate request and install the response from the CA (Certificate Authority): How to create a certificate request with CertEnroll (JavaScript).

The installation part of that sample assumed that we got a Base64 text with the response from the CA. But what if we e.g. send the request to a server, the server gets a .p7b or .cer binary file with the response from the CA, and we want to install the response on the client who requested the cert in the first place?

The following ASP sample shows how to install on the client the .p7b/.cer binary file that the server got with the response from the CA:

 

 <%
  ' Convert binary to Base64
  '
  Function BinaryToBase64(binary)
      ' Create temporary node with Base64 data type  
      Set oXmlDom = CreateObject("microsoft.xmldom")
      Set oElement = oXmlDom.createElement("tmp")
      oElement.dataType = "bin.base64"
      ' Set bytes, get encoded String 
      oElement.nodeTypedValue = binary
      BinaryToBase64 = oElement.text
  End Function 

  ' Read file into buffer
  '
  Function ReadBinaryFile(FileName)
      Const adTypeBinary = 1
      'Create Stream object
      Dim BinaryStream
      Set BinaryStream = CreateObject("ADODB.Stream")
      'Specify stream type - we want To get binary data.
      BinaryStream.Type = adTypeBinary
      'Open the stream
      BinaryStream.Open
      'Load the file data from disk To stream object
      BinaryStream.LoadFromFile FileName
      'Read the binary data from the stream
      ReadBinaryFile = BinaryStream.Read
      'Release the stream once the data has been copied out
      BinaryStream.Close
  End Function 

  ' Read binary file as Base64
  '
  FileName = "C:\temp\certnew.p7b"
  'FileName = "C:\temp\certnew.cer"
  sPKCS7 = BinaryToBase64(ReadBinaryFile(FileName))
  
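  ' Be careful with line feeds in the Base64 string: a raw line feed inside a
  ' JavaScript string literal is a syntax error, so emit one quoted piece per
  ' line and join the pieces with +
  '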
  strings = split(sPKCS7, chr(10))
  sPKCS7 = """"
  for i = 0 to ubound(strings) - 1
    sPKCS7 = sPKCS7 + strings(i) + """ + """
  next
  sPKCS7 = sPKCS7 + strings(i) + """"

%>

<html>
<head>
    <title>Certificate Request test</title>
</head>
<body> 
    <object id="objCertEnrollClassFactory" classid="clsid:884e2049-217d-11da-b2a4-000e7bbb2b09"></object>    
    <script language="javascript">
        
      function InstallCert() 
      {        
        document.write("<br>Installing certificate...");                      

        try {
          // Variables
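          var objEnroll = objCertEnrollClassFactory.CreateObject("X509Enrollment.CX509Enrollment");

          objEnroll.Initialize(1); // ContextUser
          // AllowUntrustedRoot = 4, XCN_CRYPT_STRING_BASE64 = 1
          // Note: AllowUntrustedRoot installs the response even if its chain ends in a
          // root this client does not trust; pass 0 (AllowNone) to refuse such responses
          objEnroll.InstallResponse(4, <%=sPKCS7%>, 1, "");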
        }
        catch (ex) {
          document.write("<br>" + ex.description);
          return false;
        }

        document.write("<br>Done!");                      

        return true;
      }

      InstallCert();
    
    </script>
    
    
</body>
</html>
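
The line-feed handling in the ASP block splits on chr(10) only and writes the result straight into the script. The following Node.js code is an added example, not part of the original sample: it compares that approach with one that strips all whitespace and checks the Base64 alphabet before emitting the literal, for both LF-wrapped and CRLF-wrapped text. The function names and the 100-byte sample are constructed for illustration.

```javascript
// Added example (Node.js). Names and sample data are assumptions, not CertEnroll APIs.
const B64_RE = /^[A-Za-z0-9+/]+={0,2}$/;

// Mirrors the page's VBScript loop: split on LF only, emit "a" + "b" + ...
function pageStyleLiteral(b64Text) {
  return b64Text.split("\n").map((line) => '"' + line + '"').join(" + ");
}

// Stricter variant: drop every whitespace character, verify length, alphabet
// and padding, then emit one quoted literal. Anything else is rejected
// instead of being written into the page.
function safeLiteral(b64Text) {
  const compact = b64Text.replace(/\s+/g, "");
  if (compact.length === 0 || compact.length % 4 !== 0 || !B64_RE.test(compact)) {
    throw new Error("response is not clean Base64; refusing to embed it");
  }
  return JSON.stringify(compact);
}

// Parse a generated literal the way a <script> block would; null on syntax error.
function evaluates(literal) {
  try { return new Function("return " + literal + ";")(); }
  catch (e) { return null; }
}

// Constructed sample: 100 bytes stand in for the CA's binary .p7b/.cer response.
const sampleBytes = Buffer.from(Array.from({ length: 100 }, (_, i) => i));
const oneLine = sampleBytes.toString("base64");
const wrap = (s, eol) => s.match(/.{1,64}/g).join(eol);
const lfWrapped = wrap(oneLine, "\n");
const crlfWrapped = wrap(oneLine, "\r\n");

function demo() {
  return {
    pageLf: evaluates(pageStyleLiteral(lfWrapped)) === oneLine,
    // A CR left at the end of each piece is a raw line terminator inside the literal.
    pageCrlf: evaluates(pageStyleLiteral(crlfWrapped)) === oneLine,
    safeLf: evaluates(safeLiteral(lfWrapped)) === oneLine,
    safeCrlf: evaluates(safeLiteral(crlfWrapped)) === oneLine,
  };
}

console.log(demo());
```

With CRLF-wrapped input the LF-only split produces a script that fails to parse, while the validated single literal works for both line endings.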

I hope this helps.

Regards,

 

Alex (Alejandro Campos Magencio)