I am writing a service that should receive a Base64 encoded PKCS # 10 certificate request from a mobile device, and then return the certificates received from the CA.
I am trying to use "https: //CA-server/certsrv/mscep/mscep.dll? Operation = PKIOperation & Message = urlencoded request"
$ca_link_device="https://..../certsrv/mscep/mscep.dll"; $URL=$ca_link_device."?operation=PKIOperation&Message=".urlencode($BinarySecurityToken)."="; $ch3 = curl_init(); curl_setopt($ch3, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch3, CURLOPT_URL, $URL); curl_setopt($ch3, CURLOPT_HEADER, 0); $cert = curl_exec($ch3);
but the returned data contains an empty envelope. I most likely do something really dumb, but, unfortunately, my knowledge in the field of certificate management is close to zero. I tried to work with Google, but there are so many technical documents that I donβt know where to start, and what has to do with me and what doesnβt.
All help is much appreciated.
Edit: according to one documentation, I have to wrap my PKCS10 request in PKCS7. According to Microsoft, PKCS10 should be fine, and PKCS7 is only used to renew a certificate. Who to believe?
source share