Hi everyone.







My question is about compatibility between CAPICOM, Biztalk and WSE. As far

as I understand, Biztalk 2004 (and predecessors) had the ability of apply

digital signatures and encryption to messages, using x509v3 certificates,

for example.







As a part of a solution we develop, we decided to use CAPICOM on the client

side because of the impact of asking our "customers" to install the

Microsoft .NET Framework was high. Besides, at that moment of time, the

version of the framework was the 1.0, WSE didn't exist, and we didn't know

how to easily implement the multiple signing (cosign in CAPI) and encryption

(with the limited capacity of the framework), so we decided to use CAPI.







On the Biztalk side (our company) we tried to use Biztalk 2002 and a CAPI

Interop, but it didn't behave well, on some circumstances it just crash

everything and we deduced that it was a multithreading issue (and the fact

that a PIA doesn't exist for CAPI, why?). So we were forced to take CAPI out

of Biztalk and put it "in front" of it, so that this service receives the

packages decrypted and verified.







To make it short, we want to change this solution and incorporate the

decryption functionality into Biztalk, but with our client applications

still using CAPICOM. That's why I've mentioned WSE 2.0, because it gives a

lot of signing and encrypting functionality, but I believe that it's not

compatible with the methods that CAPI uses to provide multiple signing or...







Any idea or comment would be appreciated.







Rummy.

Wait until .NET 2.0, the WSE 1.0/2.0 does not support private keys. You can't load or import the private key from any certificate using the intrinsic functionality. This will be possible in .NET 2.0, but it is not supported for now, basically making all signing impossible with a fixed (registry loaded) certificate.  You can sign with a randomly generated RSA key, but not one stored in a file or in the System.



-Hex

  -MCSD vb6

Thanx for the advice, Hex.



Rummy.



"Hex" <Hex.1i3qyr@mail.mcse.ms> wrote in message

news:Hex.1i3qyr@mail.mcse.ms...

>

> Wait until .NET 2.0, the WSE 1.0/2.0 does not support private keys. You

> can't load or import the private key from any certificate using the

> intrinsic functionality. This will be possible in .NET 2.0, but it is

> not supported for now, basically making all signing impossible with a

> fixed (registry loaded) certificate.  You can sign with a randomly

> generated RSA key, but not one stored in a file or in the System.

>

> -Hex

> -MCSD vb6

>

>

>

> --

> Hex

> ------------------------------------------------------------------------

> Posted via http://www.mcse.ms

> ------------------------------------------------------------------------

> View this thread: http://www.mcse.ms/message1260905.html

>