Suspect OpenSSL Certificates in Windows Certification Store

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

Suspect OpenSSL Certificates in Windows Certification Store

Thomas Steinbach
Hello,

I'm somewhat new to OpenSSL and a few days ago I created
a CA and created an selfsigned certificate, which is intended to
use it with apache.

After installing that CA cert to my "Trusted Root Certification
Authorities", I saw two certification in my Personal Cert Store on
Windows 7.

See screenshot #1 at:
http://www.failure.bravehost.com/win/certificates/

Does anybody know if there is a "default" cert which will be
installed for a normal user? See: Screenshot #2
But perhaps this is a cert which I created in the past and within
my OpenSSL Tests in January.
Btw: As you can see, the cert is issued to _and_ by oslo\admin
but installed in the personal cert store of a normal but other
user than the "admin", who belongs to the Administrators group

Then there is the hint that this cert has a correspondending
private key to that certificate. But I _can't_ export that
private key (even if I change that normal user to the Administrator
Group). See Screenshot #3. Why only the cert and not the
private key?

The "myCertificate" (see #1, blue) is marked as a "Code Signing"
certificate. Btw: It is strange that this cert is valid until 2040 ... :-o

Does anybody know if this is an automated cert, perhaps
made/created by Visual Studio (2008sp1), while installation of
Visual Studio?

This "myCertificate" can export the private key (see screenshot #4)
btw: Why can I only export in this pkcs12 format (see screenshot #5),
when I select "[x] Yes, export the private key"
AFAIR the Base64 files can contain certs _and_ private keys too.
Or is this a misstake?

And then if I go to the next screen (screenshot #6) I have to
type a password. ???
Strange, because I don't have a password.

Hope that sombody can help me to clarify that issues.

Thomas
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]