<%@ CODEPAGE=65001 'UTF-8%> <%' certcarc.asp - (CERT)srv web - install (CA) (R)oot (C)ertificate ' Copyright (C) Microsoft Corporation, 1998 - 1999 %> <% On Error Resume Next ' from \nt\public\sdk\inc\certcli.h Const CR_OUT_BASE64HEADER=&H00000000 Const CR_OUT_BASE64 =&H00000001 Const CR_OUT_BINARY =&H00000002 Const CR_OUT_CHAIN =&H00000100 Const CATYPE_ENTERPRISE_ROOTCA=0 Const CATYPE_ENTERPRISE_SUBCA=1 Const CATYPE_STANDALONE_ROOTCA=3 Const CATYPE_STANDALONE_SUBCA=4 Const CATYPE_UNKNOWN_CA=5 ' from \nt\private\ca\include\certlib.h Const GETCERT_CAXCHGCERT=1 ' == C/C++ TRUE value Const GETCERT_CASIGCERT=False Const CR_GEMT_HRESULT_STRING =&H00000001 Const CR_PROP_CASIGCERTCOUNT=11 Const CR_PROP_CASIGCERTCHAIN=13 Const CR_PROP_CACERTSTATE=19 Const CR_PROP_CRLSTATE=20 Const CR_PROP_DELTACRL=18 Const PROPTYPE_LONG=1 Const PROPTYPE_BINARY=3 Const CERT_VALID=3 ' == CA_DISP_VALID Const CRL_AVAILABLE=3 ' == CA_DISP_VALID Const CRL_OPTIONAL=4 ' == CA_DISP_INVALID ' Strings To Be Localized Const L_InstallThisCACert_Message="Install this CA certificate" Const L_InstallThisCACertChain_Message="Install this CA certificate chain" Const L_InstallCACert_Message="Install CA certificate" Const L_DownloadCert_Message="Download CA certificate" Const L_DownloadChain_Message="Download CA certificate chain" Const L_DownloadBaseCrl_Message="Download latest base CRL" Const L_DownloadDeltaCrl_Message="Download latest delta CRL" Dim sCaInfo, rgCaInfo, nRenewals, rgCrlState, rgCertState, bFailed, nError, bDeltaCrl Set ICertRequest=Server.CreateObject("CertificateAuthority.Request") ' get the number of renewals bFailed=False bDeltaCrl = True nRenewals=ICertRequest.GetCAProperty(sServerConfig, CR_PROP_CASIGCERTCOUNT, 0, PROPTYPE_LONG, CR_OUT_BINARY) If 0=Err.Number Then nRenewals=nRenewals-1 ' get the key-reused state of the CRLs and the validity of the CA Certs ReDim rgCrlState(nRenewals) ' 0 based size ReDim rgCertState(nRenewals) ' 0 based size For nIndex=0 To nRenewals rgCrlState(nIndex)=ICertRequest.GetCAProperty(sServerConfig, CR_PROP_CRLSTATE, nIndex, PROPTYPE_LONG, CR_OUT_BINARY) rgCertState(nIndex)=ICertRequest.GetCAProperty(sServerConfig, CR_PROP_CACERTSTATE, nIndex, PROPTYPE_LONG, CR_OUT_BINARY) Next ' get the cert chain and save it on this page so the client can install it If "IE"=sBrowser Then Public sPKCS7 Dim sCertificate sCertificate=ICertRequest.GetCACertificate(GETCERT_CASIGCERT, sServerConfig, CR_OUT_BASE64_HEADER Or CR_OUT_CHAIN) sPKCS7=FormatBigString(sCertificate, " sPKCS7=sPKCS7 & ") End If End If If Err.Number<>0 Then ' CA may be down. bFailed=True nError=Err.Number End If ICertRequest.GetCAProperty sServerConfig, CR_PROP_DELTACRL, 0, PROPTYPE_BINARY, CR_OUT_BASE64HEADER If &H80070002=Err.Number Then 'delta crl is not available bDeltaCrl = False End If '----------------------------------------------------------------- ' Format the big string as a concatenated VB string, breaking at the embedded newlines Function FormatBigString(sSource, sLinePrefix) Dim sResult, bCharsLeft, nStartChar, nStopChar, chQuote sResult="" chQuote=chr(34) bCharsLeft=True nStopChar=1 While (bCharsLeft) nStartChar=nStopChar nStopChar=InStr(nStopChar, sSource, vbNewLine) If (nStopChar>0) Then sResult=sResult & sLinePrefix & chQuote & Mid(sSource, nStartChar, nStopChar-nStartChar) & chQuote & " & vbNewLine" If (nStopChar>=Len(sSource)-Len(vbNewLine)) Then bCharsLeft=False End If Else bCharsLeft=False End if sResult=sResult & vbNewLine nStopChar=nStopChar+Len(vbNewLine) Wend FormatBigString=sResult End Function '----------------------------------------------------------------- ' Walk through the CRL validity list and return the nearest valid CRL Function GetGoodCrlIndex(nIndex) Dim nSource nSource=nRenewals-nIndex While (nSource>0 And CRL_AVAILABLE<>CInt(rgCrlState(nSource))) nSource=nSource-1 Wend GetGoodCrlIndex=nSource End Function %> Microsoft Certificate Services
Microsoft Certificate Services  --  <%=sServerDisplayName%>   Home
<%If True=bFailed Then %>

Error

An unexpected error has occurred: <%If nError=&H800706BA Or nError=&H80070005 Then%> The Certification Authority Service has not been started. <%Else%> <%=ICertRequest.GetErrorMessageText(nError, CR_GEMT_HRESULT_STRING)%> <%End If%> <%Else 'True<>bFailed%>

Download a CA Certificate, Certificate Chain, or CRL

<%If "IE"=sBrowser Then%> To trust certificates issued from this certification authority, install this CA certificate chain. <%ElseIf "NN"=sBrowser Then%> To trust certificates issued from this certification authority, install this CA certificate. <%Else%> To trust certificates issued from this certification authority, install this CA certificate chain. <%End If%>

To download a CA certificate, certificate chain, or CRL, select the certificate and encoding method. <%If "Text"<>sBrowser Then%>
>


Encoding method:
<%If "IE"=sBrowser Then%> <%If True=bDeltaCrl Then %> <%End If%>
Download CA certificate
Download CA certificate chain
Download latest base CRL
Download latest delta CRL
<%Else '"NN"=sBrowser%> <%If True=bDeltaCrl Then %> <%End If%>
Install CA certificate
Download CA certificate
Download CA certificate chain
Download latest base CRL
Download latest delta CRL
<%End If%> <%Else '"Text"=sBrowser%>

<%For nIndex=0 To nRenewals%> <%If CERT_VALID=CInt(rgCertState(nRenewals-nIndex)) Then%>
CA Certificate: <%If 0=nIndex Then%>Current<%Else%>Previous<%End If%><%If nIndex<>nRenewals Then%> [<%=sServerDisplayName%>(<%=nRenewals-nIndex%>)]<%Else%> [<%=sServerDisplayName%>]<%End If%>
Download CA certificate with the following encoding method:
    DER Base 64
Download CA certificate chain with the following encoding method:
    DER Base 64
Download latest base CRL with the following encoding method:
    DER Base 64
Download latest delta CRL with the following encoding method:
    DER Base 64

<%End If%> <%Next%>
<%End If%>
<%bIncludeXEnroll=True%> <%bIncludeGetCspList=False%> <%If "IE"=sBrowser Then%>
<%End If%> <%If "IE"=sBrowser Then%> <%End If '"IE"=sBrowser%> <%End If 'bFailed%>