tags:

views:

3576

answers:

3
+4  Q: 

Self Signed Certificate in Windows without makecert?

We have a shrink wrap type Windows server application where we need to create a self signed certificate on the server to be used by some WCF web services. From our searches on the web, it appears that the makecert utility in the PlatformSDK from Microsoft cannot be distributed with our application, so we're looking for alternatives.

Does anyone know how to use OpenSSL to create a certificate and get it into the Windows LocalMachine certificate store? Or, alternatively is it straight forward to insert the certificate into the store in a .NET application and should we just create the certificate file with openssl? Any help/suggestions would be appreciated.

+1  A: 

Woohoo! It's time for pinvoke for you

crypt32 provides a CertCreateSelfSignCertificate function; if that succeeds you can store it in the user's personal store (or the machine store assuming you're working elevated)

blowdart  2008-10-09 14:55:27
+2  A: 

I haven't used OpenSSL, but I'm in the same boat and have found this article helpful:

Securing WCF Services with Certificates

The author walks you through installing Microsoft Certificate Services, creating a CA that can be added to the trusted certificate authorities (on both client and server, since it's self signed), then generating client and server certificates that chain from the self-signed CA cert.

You won't need the client certs, but it does help you to create a self-signed CA and server cert.

Mike L  2008-10-09 20:21:21
+3  A: 

[Unfortunately, I can't comment on anything yet, so I'll post this as an answer.]

I see that this post is a bit old, but I'm in a similar boat and I found this in the Visual Studio 2008 redist.txt file:

Windows SDK Files

Subject to the license terms for the software, the following files may be distributed unmodified:

MageUI.exe
Mage.exe
Makecert.exe

Not sure if something has changed (and if my interpretation is correct), but it looks like makecert.exe included as part of the Windows SDK, which is in-turn included as part of the VS2008 install can actually be redistributed.

Naveen  2010-02-16 13:41:25
That's my understanding as well.
EricLaw -MSFT-  2010-08-24 23:22:23

related questions

Subsonic Vs NHibernate
How to check For File Lock in C# ?
Is nAnt still supported and suitable for .net 3.5/VS2008?
Limit size of Queue<T> in .NET?
Viewstate invalid when using Safari
Free OCR library
Unhandled Exception Handler in .NET 1.1
Localising date format descriptors
Get a new object instance from a Type in C#
VFP .NET OLEdb provider does not work in Win 64-Bits. Help
.NET Testing Framework Advice
Embedded Database for .net that can run off a network
Automatically update version number
Homegrown consumption of web services
How do you migrate a large app from VB6 to VB .net ?
.NET Migrations Engine
Adding Scripting functionality to .NET applications
SQLite and XSD
Floating Point Number parsing: Is there a Catch All algorithm?
How do I programmatically create a PDF in my .NET application?
How do I sync the SVN revision number with my ASP.NET web site?
XSD DataSets and ignoring foreign keys
Anatomy of a "Memory Leak"
Reliable Timer in a Console Application
How do I calculate relative time?