RE: SmartCard Delete Key Problem / Decrypt Message ambiguity
~Umberto Nongeroson 9.Jan.04 06:29 PM a Web browser
Notes Client, All Releases, All Platforms
When I import the certificate (with private key) again, the option "Move Private Key to SmartCard" is disabled - that means I cannot put the private key on the smartcard again - because Notes seems to cache your settings within the ID file.
Leaf certificates (with private keys) aren't actually deleted from the ID file, because then you would lose access to mail that was encrypted to that certificate -- they are just no longer displayed, and cannot be "actively" used. When you re-add the same certificate chain again, and the certificate becomes active once more, you will probably find that the private key on the token is being used.
The same thing applies when I manually delete the private key from the smart card - it doesn't work either, can't move private key to smartcard again - once I did it, and deleted it again - I cannot do it again - I have to use an older copy of my ID file which never had that key.
Notes doesn't currently cleanly handle having objects on the token that it needs being deleted out from under it. I've written an SPR (DKEN5V2PRT) to add a few more checks to the "move private key to smartcard" process.
Second problem: encrypted messages do not use the private key on the smartcard for decryption - I do not know how this is possible - I can manually delete the private key from the smartcard and Notes is still able to decrypt; after deletion, however, signing is not possible (the way it should).
Your default signing certificate is configured in the ID file, but the default encryption certificate is configured in the public directory. Check your person record in the public directory that the sender is using and confirm that your "exported" certificate is the default encryption certificate. Once the sender is encrypting with the correct key, that particular problem should go away. When you export a private key to the token, the copy of the key in the ID file is deleted, so it's definitely not decrypting with a copy of the key in the ID file.