I created a self-signed certificate (created using OpenSSL) and installed it into the Certificate Store using the Certificates MMC snap-in (CertMgr.msc) on Windows Vista Ultimate.
I have managed to open the certificate store by using CertOpenSystemStore. And I can then find the certificate using CertFindCertificateInStore
However I am not sure what this error really means, as I have been unable to spot the answer in the MSDN documentation.
- Is this a certificate problem?
- Or an OS problem (in the sense it should be a Windows Server OS for this to work)?
I am using Win32 API in Delphi 2010, but C examples are fine.
The error description in MSDN is rather vague:
Afaik this error means that the SSPI SChannel package did not find the private key for the certificate or the certificate is not valid for SSL/TLS. Make sure the certificate/private key are loaded in the PROV_RSA_SCHANNEL Crypto provider (CSP), not in the Enhanced CSP.
You should enable SChannel logging for (much) more detailed error info, see How to enable Schannel event logging (KB is for IIS, but the method described enabled Schannel logging globally on the machine):
The value can be a combination of:
0: Do not log (Windows NT 4 default)1: Log error messages (Windows 2000 and Windows XP default)2: Log warnings4: Log informational and success eventsBeen a while since I worked with SSL/TLS, but if I may give one advice: google for posts by "John Banes" and the error you have, you're likely going to find some clues.