see sharp RSS 2.0
# Saturday, 02 May 2009
Coding conventions are for whimps :-)
I like that:
It's written for JAVA :-), but it matches other languages like C# too.
Brad Adams writes on how to make it better ><
Saturday, 02 May 2009 19:26:56 (Mitteleuropäische Sommerzeit, UTC+02:00)  #    -
anything else
# Thursday, 30 April 2009
Thursday, 30 April 2009 18:40:13 (Mitteleuropäische Sommerzeit, UTC+02:00)  #    -
anything else
# Wednesday, 29 April 2009
You can increase the logging level of the Certificate service in the event log for troubleshooting.
This causes Certificate services to log more frequent and verbose Application Event log entries.
To increase the logging level of the Certificate service, run the command:

certutil -setreg ca\loglevel logginglevel

where logginglevel is the level you want to use, and then restart the service.

The following ranges are available:


taken from

and don't forget to restart the certificate services :-)

If you use CLM you may also want to set the loglevel for the Policy and Exit modules:

Policy module
Add a string value named Microsoft.Clm.PolicyModule to the following registry key:
Exit module
Add a string value named Microsoft.Clm.ExitModule in the following registry key:

Set the string value to the desired logging level (Info, Warning, Error or verbose), and then restart the CLM Service to apply the trace logging settings.

Policy module plugins
If you need logging for the CLM policy module plugins, you must create a config file.
Enabling trace logging for the policy module plug-ins causes CLM 2007 to write the error output to the system debug stream, viewable using DebugView.

To enable trace logging, you must create a config file for certsrv.exe file in the C:\WINDOWS\system32 folder.
Create a new text document and name it certsrv.exe.config;
open the new file and copy/paste the following configuration information (It's standard .NET tracing):

<?xml version="1.0" encoding="utf-8" ?>
  <trace autoflush="true" indentsize="2" />
    <add name="Microsoft.Clm.PolicyModulePlugins" value="4" />

Wednesday, 29 April 2009 18:48:59 (Mitteleuropäische Sommerzeit, UTC+02:00)  #    -
CLM | Tracing
# Saturday, 25 April 2009
Saturday, 25 April 2009 19:32:22 (Mitteleuropäische Sommerzeit, UTC+02:00)  #    -
anything else | C#
# Wednesday, 22 April 2009
Xpath is always fun when it comes to selecting nodes, but it gets even more fun when you have to select the node by attribute.

Assume this XML:
    <add key="one" value="two"/>

We can easily select the whole add node with the attribute 'one' by using this path: 


Thats perfectly fine, but now I want the value attribute for that node.
As we have an xpath to the node itself we can use this:


I always have to look such things up ;-)

A nice compilation of Xpath can be found >here<

Wednesday, 22 April 2009 18:53:44 (Mitteleuropäische Sommerzeit, UTC+02:00)  #    -

# Tuesday, 24 March 2009
To delete a certificate store you created using the .NET API (X509Store) you have to use the P/Invoke version of  CertOpenStore with the CERT_STORE_DELETE flag:

First, import the function:
[DllImport("crypt32.dll", CharSet = CharSet.Auto, SetLastError = true)]
public static extern IntPtr CertOpenStore(
        IntPtr storeProvider,
        uint dwMsgAndCertEncodingType,
        IntPtr hCryptProv,
        uint dwFlags,
        String cchNameString);

Next define some constants (wincrypt.h is your friend):
const int CERT_STORE_PROV_SYSTEM = 10;
const int CERT_SYSTEM_STORE_CURRENT_USER = 0x1 << 16;
const int CERT_STORE_DELETE_FLAG = 0x10; 

Finally, call the open function:

Tuesday, 24 March 2009 18:21:52 (Mitteleuropäische Zeit, UTC+01:00)  #    -
# Wednesday, 11 March 2009
If you are developing with RMS you often need to run Office programs in a PreProduction hierarchy.
Many articles have been written on how to set up a PreProduction environment.
A nice article on how to setup Office 2007 in a PreProduction env can be found >here<

I have heard rumors that some customers did not instantly upgrade to the new and shiny Office 2007 and still use the old office 2003, and here is a way on setting it up:

  1. get the PreProduction keys and the genmanifest tool

  2. create a MCF file for the application: You will need the MSO.DLL, OLE32.DLL and of course winword.exe and msdrm.dll:
        REQ     "%PROGRAMFILES%\\Microsoft Office\\OFFICE11\\winword.exe"
        REQ     "%COMMONPROGRAMFILES%\\Microsoft Shared\\office11\\mso.dll"  
        req NOHASH "%Windowsdir%\\system32\\ole32.dll"  
        opt     "%WINDIR%\\system32\\msdrm.dll"
            PUBLICKEY "C:\\projects\\PreProductionKeys\\ISVTier5AppSigningPubKey.dat"
    (be sure to change the hard-coded path to fit your needs)

  3. create a backup of the XML files in your office installation (located at "%PROGRAMFILES%\\Microsoft Office\\OFFICE11")

  4. run the manifest tool:
    genmanifest -chain "ISVTier5AppSignSDK_Client.xml" WinWord_pre_prod.mcf WRDPRTID.XML

Wednesday, 11 March 2009 18:32:33 (Mitteleuropäische Zeit, UTC+01:00)  #    -
# Tuesday, 03 March 2009
Working with a Microsoft CA, you often need to query the CA's database.
To determine the schema of the database you can use certutil to view it:

certutil -schema

this will list the columns, their types, their length and if they are indexed.

c:\Program Files\Microsoft Visual Studio 8\VC>certutil -schema
Column Name Localized Name Type MaxLength
---------------------------- ---------------------------- ------ ---------
Request.RequestID Request ID Long 4 -- Indexed
Request.RawRequest Binary Request Binary 65536
Request.RawArchivedKey Archived Key Binary 65536
Request.KeyRecoveryHashes Key Recovery Agent Hashes String 8192
Request.RawOldCertificate Old Certificate Binary 16384
Request.RequestAttributes Request Attributes String 32768
Request.RequestType Request Type Long 4
Request.RequestFlags Request Flags Long 4
Request.StatusCode Request Status Code Long 4
Request.Disposition Request Disposition Long 4 -- Indexed
Request.DispositionMessage Request Disposition Message String 8192
Request.SubmittedWhen Request Submission Date Date 8
Request.ResolvedWhen Request Resolution Date Date 8 -- Indexed
Request.RevokedWhen Revocation Date Date 8
Request.RevokedEffectiveWhen Effective Revocation Date Date 8 -- Indexed
Request.RevokedReason Revocation Reason Long 4
Request.RequesterName Requester Name String 2048 -- Indexed
Request.CallerName Caller Name String 2048 -- Indexed
Request.SignerPolicies Signer Policies String 8192
Request.SignerApplicationPolicies Signer Application Policies String 8192
Request.Officer Officer Long 4
Request.DistinguishedName Request Distinguished Name String 8192
Request.RawName Request Binary Name Binary 4096
Request.Country Request Country/Region String 8192
Request.Organization Request Organization String 8192
Request.OrgUnit Request Organization Unit String 8192
Request.CommonName Request Common Name String 8192
Request.Locality Request City String 8192
Request.State Request State String 8192
Request.Title Request Title String 8192
Request.GivenName Request First Name String 8192
Request.Initials Request Initials String 8192
Request.SurName Request Last Name String 8192
Request.DomainComponent Request Domain Component String 8192
Request.EMail Request Email Address String 8192
Request.StreetAddress Request Street Address String 8192
Request.UnstructuredName Request Unstructured Name String 8192
Request.UnstructuredAddress Request Unstructured Address String 8192
Request.DeviceSerialNumber Request Device Serial Number String 8192
RequestID Issued Request ID Long 4 -- Indexed
RawCertificate Binary Certificate Binary 16384
CertificateHash Certificate Hash String 128 -- Indexed
CertificateTemplate Certificate Template String 254 -- Indexed
EnrollmentFlags Template Enrollment Flags Long 4
GeneralFlags Template General Flags Long 4
SerialNumber Serial Number String 128 -- Indexed
IssuerNameID Issuer Name ID Long 4
NotBefore Certificate Effective Date Date 8
NotAfter Certificate Expiration Date Date 8 -- Indexed
SubjectKeyIdentifier Issued Subject Key Identifier String 128
RawPublicKey Binary Public Key Binary 4096
PublicKeyLength Public Key Length Long 4
PublicKeyAlgorithm Public Key Algorithm String 254
RawPublicKeyAlgorithmParameters Public Key Algorithm Parameters Binary 4096
UPN User Principal Name String 2048 -- Indexed
DistinguishedName Issued Distinguished Name String 8192
RawName Issued Binary Name Binary 4096
Country Issued Country/Region String 8192
Organization Issued Organization String 8192
OrgUnit Issued Organization Unit String 8192
CommonName Issued Common Name String 8192 -- Indexed
Locality Issued City String 8192
State Issued State String 8192
Title Issued Title String 8192
GivenName Issued First Name String 8192
Initials Issued Initials String 8192
SurName Issued Last Name String 8192
DomainComponent Issued Domain Component String 8192
EMail Issued Email Address String 8192
StreetAddress Issued Street Address String 8192
UnstructuredName Issued Unstructured Name String 8192
UnstructuredAddress Issued Unstructured Address String 8192
DeviceSerialNumber Issued Device Serial Number String 8192

CertUtil: -schema command completed successfully.
c:\Program Files\Microsoft Visual Studio 8\VC>

Tuesday, 03 March 2009 18:36:20 (Mitteleuropäische Zeit, UTC+01:00)  #    -
anything else
# Saturday, 21 February 2009
For some reason I needed to add a Control to a Toolstrip. There are some ToolStrip enabled controls in the framework, but I needed a checkbox.
So, after a short time with Windows Live Search, I found the  ToolStripControlHost class which comes quite handy for that task.
Just create your control, create a  ToolStripControlHost , and add that to the toolstrip.
Voila, thats it.

CheckBox cb = new CheckBox();
cb.Text = "Test";

ToolStripControlHost ch = new ToolStripControlHost(cb);

this.toolStrip1.Items.AddRange(new System.Windows.Forms.ToolStripItem[] { ch });

MSDN describes that  here in great detail...

Saturday, 21 February 2009 14:54:17 (Mitteleuropäische Zeit, UTC+01:00)  #    -
# Friday, 20 February 2009
Basic Authenitcation is a - not so secure - method of authenticating users to a web server.
The username and password are sent in the HTTP request header with Base64 "encryption" which is as good as plain text.
However at some point you may have or may want to do just that, either because there is still no trust between organizations (believe me, the world is good :-)) or just because its too easy and other methods are way too hard to implement.
Now there you are, how do you add a header to a HttpRequest in plain c#?

Follow these steps:

  1. Generate the proxy using WSDL.EXE. Search MSDN on how to do that.
  2. Add this function to the partial class:

    protected override System.Net.WebRequest GetWebRequest(Uri uri)
          HttpWebRequest request = (HttpWebRequest)base.GetWebRequest(uri);
          if (PreAuthenticate)
                NetworkCredential networkCredentials = Credentials.GetCredential(uri, "Basic");
                if (networkCredentials != null)
                      byte[] credentialBuffer = new UTF8Encoding().GetBytes(networkCredentials.UserName +":" + networkCredentials.Password);
                      // Note the space after Basic
                      request.Headers["Authorization"] = "Basic " + Convert.ToBase64String(credentialBuffer);
                      throw new ApplicationException("No network credentials");
          return request;

  3. within the client using your proxy add the following:

    // these are NOT my real credentials
    NetworkCredential netCredential = new NetworkCredential("Elvis", "Graceland");
    Uri uri = new Uri(svc.Url);
    ICredentials credentials = netCredential.GetCredential(uri, "Basic");
    svc.Credentials = credentials;
    // set PreAuthenticate as it is checked !!!
    svc.PreAuthenticate = true;

Thats it....

Friday, 20 February 2009 14:48:23 (Mitteleuropäische Zeit, UTC+01:00)  #    -
C# | Webservices | Authentication
<2009 May>
About the author/Disclaimer

The opinions expressed herein are my own personal opinions and do not represent my employer's view in any way.
Any link on this site may lead to an external website that is not under my control and that external website might show an opinion that is not mine.

© Copyright 2018
Hannes Köhler
Sign In
Total Posts: 39
This Year: 0
This Month: 0
This Week: 0
Comments: 1
All Content © 2018, Hannes Köhler
DasBlog theme 'Business' created by Christoph De Baene (delarou)