Andy E

Is it possible to retrieve a list of certificates in a local store using JScript/WMI I'm just adding some finishing touches to my .gadget packager gadget and it would be nice if I could offer the selection of certificates.

Cheers,


Andy




Re: Sidebar Gadget Development Accessing local certificate store through script?

Jonathan Abbott

Have a look at the Cryptography API functions, not sure if there's a COM. You'll probably have to resort to compiled code.

The function you're after is CertEnumCertificatesInStore




Re: Sidebar Gadget Development Accessing local certificate store through script?

Andy E

I think you're right. I found the following example, but couldn't get my head round it (i think I've been looking at too much code today ):

http://www.jensign.com/JavaScience/cryptoutils/PVKCertsWMI.txt

It says you need capicom.dll to be registered (it's in my System32 folder, so it's possible it's distributed with Vista, assuming it hasn't been installed with any of the SDKs I have on here). I may have another crack at it tomorrow.

Andy






Re: Sidebar Gadget Development Accessing local certificate store through script?

Andy E

Well, it looks like it can be done using capicom.dll (capicom is a COM interface for Microsoft's CryptoAPI). However, when I try and do anything with the created activex object ("CAPICOM.Store"), I get the following error:

Error in loading DLL


I looked into it further and CAPICOM is no longer supported as of Windows Vista, but according to a forum post I found, it still works in Windows Vista. Can anyone confirm it Try the following code:

Code Snippet
oStore = new ActiveXObject("Capicom.Store");
oStore.Open(2, "MY", 0);
System.Debug.outputString(oStore.Certificates.Count);

I've tried for a while now, but I just can't get it working. I'm not going to go to the effort of writing a COM wrapper for the CryptoAPI functions, it's just too much of a pain, working with your own ActiveX controls in Sidebar. Having to write them to the registry, deleting it from the registry on exit, helping users on x64 when the com object doesn't get written to the registry, etc.


Andy






Re: Sidebar Gadget Development Accessing local certificate store through script?

Jonathan Abbott

"I'm not going to go to the effort of writing a COM wrapper for the CryptoAPI functions, it's just too much of a pain, working with your own ActiveX controls in Sidebar. Having to write them to the registry, deleting it from the registry on exit, helping users on x64 when the com object doesn't get written to the registry, etc."

Now, that's just lazy!

Unfortunately, you'll have to do this anyway, as CAPICOM doesn't come with Windows by default.





Re: Sidebar Gadget Development Accessing local certificate store through script?

Andy E

Bah! Wink The only way I would do it is if I built a COM to handle packaging the CAB/ZIP... but, best to wait and see if anyone actually uses it first!

Andy






Re: Sidebar Gadget Development Accessing local certificate store through script?

BPO11

Just FYI, yes CAPICOM.dll is supported in Vista. it is just not registered by default. Just register the .dll by selecting start > run> and type "regsvr32.exe %windir%\system32\capicom.dll"

this will register capicom.dll assuming the dll is there. the latest capicom.dll (2.1.0.2) has been packaged via windows update and is actually installed in the following location:

"C:\Program Files\Microsoft CAPICOM 2.1.0.2\Lib\X86\"

Once it is registered, you should be good to go:

' ** Instantiate certificate store object
Set objCertStore = CreateObject("Capicom.Store")