Solved

Private Key Password

Posted on 2006-10-27
5
179 Views
Last Modified: 2010-04-11
I have set up a application that creates a digital signature using a certificate.  I installed the certificate with the private key using certificate services.  The application seems to work as it shoud but does not ask me for the password for the private key before encryption.
0
Comment
Question by:Kevin Robinson
  • 2
5 Comments
 
LVL 38

Expert Comment

by:Rich Rumble
ID: 17828341
No, your only signing the message, your not encrypting it... http://en.wikipedia.org/wiki/Public-key_cryptography
public key digital signature — allowing anyone to verify that a message was created with a specific private key.
The public key is available for others the check that the private key created the file/message.
http://en.wikipedia.org/wiki/Public_key_certificate
-rich
0
 
LVL 3

Author Comment

by:Kevin Robinson
ID: 17832435
"No, your only signing the message"  

This is exactly what I want to do.  I want to use this signature as a replacement for a physical signature.
0
 
LVL 38

Accepted Solution

by:
Rich Rumble earned 500 total points
ID: 17832803
The password you supply is what each of the keys derive the hash's from... when you setup, you input a password, then the private key is made based on that password, and the public key is made based on the private key. You never need a password again, just the key's.
Are you trying to sign emails? Try GPG http://www.gnupg.org/(en)/documentation/guides.html
http://www.experts-exchange.com/Security/Q_22041521.html#17831350
-rich
0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

If you get continual lockouts after changing your Active Directory password, there are several possible reasons.  Two of the most common are using other devices to access your email and stored passwords in the credential manager of windows.
Nothing in an HTTP request can be trusted, including HTTP headers and form data.  A form token is a tool that can be used to guard against request forgeries (CSRF).  This article shows an improved approach to form tokens, making it more difficult to…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
This tutorial demonstrates a quick way of adding group price to multiple Magento products.

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now