peternintzel
asked on
System Cryptography: Force strong key protection for user keys stored on the computer
I am attempting to import a certificate from a website (cloud app provider) however, I cannot disable the option "Enable strong private key protection. You will be prompted every time the private key is used by an application...." which in turn forces me to enter a very obscure password.
I do not wish to have this setting checked, and I have "googled" this issue and have had many hits. So far, the only solution that I can find, is to go into the Local Security and change the folowing security policy: System Cryptography: Force strong key protection for user keys stored on the computer.
My problem is that I do not have this security entry. The closest I have is "System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing".
How can I find this security option and change the setting to "User input is not required when new keys are stored and used"? Is there another way to defeat the "disable" checkbox through the registry or other means?
This is a Windows XP pc and is not part of a domain and I am logging in as the administrator.
Thank you in advance for your assistance
I do not wish to have this setting checked, and I have "googled" this issue and have had many hits. So far, the only solution that I can find, is to go into the Local Security and change the folowing security policy: System Cryptography: Force strong key protection for user keys stored on the computer.
My problem is that I do not have this security entry. The closest I have is "System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing".
How can I find this security option and change the setting to "User input is not required when new keys are stored and used"? Is there another way to defeat the "disable" checkbox through the registry or other means?
This is a Windows XP pc and is not part of a domain and I am logging in as the administrator.
Thank you in advance for your assistance
johnb6767
I think that settign was in Windows 7 , maybe Vista..... May be able to isolate it to a reg value, but not sure if the XP OS can interpret it or simply ignores it.....
ASKER
John6767, thank you for the expedient response. One thing that I neglected to include was that this certificate worked just fine on my previous XP system (without the grayed out option). I just recently replaced that machine (bad motherboard) with a new XP machine (Yes, a new XP machine because our software vendor has not made our software ready for Vista/7).
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
The registry change did it... Thank you..