Discussion:
Suppressing user prompt for client certificates
(too old to reply)
pete_reay
2004-01-30 15:31:09 UTC
Permalink
Hi

I'm using the .NET Framework to make an HTTPS request to a server which requests a client certificate. Whenever I make a request it pops up a dialog titled "Signing data with your private exchange key" saying "An application is requesting access to a protected item - CryptoAPI private key".

It's no problem this popping up once, but the application makes many requests and often has to retry after timeouts. I want to know if there is any way I can give the application permanent 'permission' to use the certificate without repeatedly asking the user.

I'm not sure of the exact CryptoAPI functions the .NET framework is calling, I just would like to know if it is possible in principle... Or is this a design feature of the CryptoAPI?

Any information or suggestions would be very much appreciated.

Thanks in advance

Pete Reay
Vishal Agarwal[MSFT]
2004-01-30 18:36:51 UTC
Permalink
How is the request being created? Looks like when the key's are created on
your machine, a specific flag is passed to mark the key as protected
(resulting in the Pop up dialog whenever access to the key is made).

Thanks,
Vishal[MSFT]
--
This posting is provided "AS IS" with no warranties, and confers no rights
Post by pete_reay
Hi
I'm using the .NET Framework to make an HTTPS request to a server which
requests a client certificate. Whenever I make a request it pops up a dialog
titled "Signing data with your private exchange key" saying "An application
is requesting access to a protected item - CryptoAPI private key".
Post by pete_reay
It's no problem this popping up once, but the application makes many
requests and often has to retry after timeouts. I want to know if there is
any way I can give the application permanent 'permission' to use the
certificate without repeatedly asking the user.
Post by pete_reay
I'm not sure of the exact CryptoAPI functions the .NET framework is
calling, I just would like to know if it is possible in principle... Or is
this a design feature of the CryptoAPI?
Post by pete_reay
Any information or suggestions would be very much appreciated.
Thanks in advance
Pete Reay
Ryan Menezes [MSFT]
2004-02-01 01:48:32 UTC
Permalink
The dialog "signing data with your ..." is displayed by CryptSignHash()
every time it needs to access your private key (if it is marked
USER_PROTECTED).
Do you have information about which platform this is being used on and if
the provider handle HCRYPTPROV is being released between successive calls to
the API.

Thanks,
Ryan[MSFT]
This posting is provided "AS IS" with no warranties, and confers no rights
Post by Vishal Agarwal[MSFT]
How is the request being created? Looks like when the key's are created on
your machine, a specific flag is passed to mark the key as protected
(resulting in the Pop up dialog whenever access to the key is made).
Thanks,
Vishal[MSFT]
--
This posting is provided "AS IS" with no warranties, and confers no rights
Post by pete_reay
Hi
I'm using the .NET Framework to make an HTTPS request to a server which
requests a client certificate. Whenever I make a request it pops up a dialog
titled "Signing data with your private exchange key" saying "An application
is requesting access to a protected item - CryptoAPI private key".
Post by pete_reay
It's no problem this popping up once, but the application makes many
requests and often has to retry after timeouts. I want to know if there is
any way I can give the application permanent 'permission' to use the
certificate without repeatedly asking the user.
Post by pete_reay
I'm not sure of the exact CryptoAPI functions the .NET framework is
calling, I just would like to know if it is possible in principle... Or is
this a design feature of the CryptoAPI?
Post by pete_reay
Any information or suggestions would be very much appreciated.
Thanks in advance
Pete Reay
pete_reay
2004-02-03 09:41:07 UTC
Permalink
Thanks for the hints - I think I need to look into how the .NET web request method uses the CryptoAPI...
Loading...