dasBlog is great, but it uses an older version of the nice freeTextbox to edit the posts.

This little editor provides great enhancments for editing and formatting, and IE8 is known from Version 3.2.0, but thats not the version we are using in dasBlog.
Luckily IE8 has a 'Compatibility View' setting, which defines a list of websites that will receive the old (IE7) user-agent string.

 

Image: Tools->Compatibility View Settings

If you own the website, you can set the compat mode using a meta-tag:

<meta http-equiv="X-UA-Compatible" content="IE=7" />

So, this weekend I completed the move from simpleBlog to dasBlog, changing technology from PHP (which was good) to ASP.NET which is more suitable.
The content has to be migrated too, which will follow on one of the next weekends.

You can increase the logging level of the Certificate service in the event log for troubleshooting.
This causes Certificate services to log more frequent and verbose Application Event log entries.
To increase the logging level of the Certificate service, run the command:

certutil -setreg ca\loglevel logginglevel

where logginglevel is the level you want to use, and then restart the service.

The following ranges are available:

0 CERTLOG_MINIMAL
1 CERTLOG_TERSE
2 CERTLOG_ERROR
3 CERTLOG_WARNING (Default)
4 CERTLOG_VERBOSE

taken from http://support.microsoft.com/kb/305018

and don't forget to restart the certificate services

If you use CLM you may also want to set the loglevel for the Policy and Exit modules:

Policy module
Add a string value named Microsoft.Clm.PolicyModule to the following registry key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CertSvc\Configuration\CAName\PolicyModules\Clm.Policy
 
Exit module
Add a string value named Microsoft.Clm.ExitModule in the following registry key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CertSvc\Configuration\CAName\ExitModules\Clm.Exit

Set the string value to the desired logging level (Info, Warning, Error or verbose), and then restart the CLM Service to apply the trace logging settings.

Policy module plugins
If you need logging for the CLM policy module plugins, you must create a config file.
Enabling trace logging for the policy module plug-ins causes CLM 2007 to write the error output to the system debug stream, viewable using DebugView.

To enable trace logging, you must create a config file for certsrv.exe file in the C:\WINDOWS\system32 folder.
Create a new text document and name it certsrv.exe.config;
open the new file and copy/paste the following configuration information (It's standard .NET tracing):

<?xml version="1.0" encoding="utf-8" ?>
<configuration>
  <system.diagnostics>
  <trace autoflush="true" indentsize="2" />
  <switches>
    <add name="Microsoft.Clm.PolicyModulePlugins" value="4" />
  </switches>
</system.diagnostics>
</configuration>

Run your c# app as admin, like 'runas'? Here is the solution:

Xpath is always fun when it comes to selecting nodes, but it gets even more fun when you have to select the node by attribute.

Assume this XML:

<test>
    <add key="one" value="two"/>
</test>

We can easily select the whole add node with the attribute 'one' by using this path: 

  /test/add[@key='one'] 

Thats perfectly fine, but now I want the value attribute for that node.
As we have an xpath to the node itself we can use this:

  /test/add[@key='one']/@value  

I always have to look such things up

A nice compilation of Xpath can be found >here<

To delete a certificate store you created using the .NET API (X509Store) you have to use the P/Invoke version of  CertOpenStore with the CERT_STORE_DELETE flag:

First, import the function:

[DllImport("crypt32.dll", CharSet = CharSet.Auto, SetLastError = true)]
public static extern IntPtr CertOpenStore(
        IntPtr storeProvider,
        uint dwMsgAndCertEncodingType,
        IntPtr hCryptProv,
        uint dwFlags,
        String cchNameString);

Next define some constants (wincrypt.h is your friend):

const int CERT_STORE_PROV_SYSTEM = 10;
const int CERT_SYSTEM_STORE_CURRENT_USER = 0x1 << 16;
const int CERT_STORE_DELETE_FLAG = 0x10; 

Finally, call the open function:

CertOpenStore(
        (IntPtr)CERT_STORE_PROV_SYSTEM, 
        0,
        IntPtr.Zero, 
        CERT_SYSTEM_STORE_CURRENT_USER | CERT_STORE_DELETE_FLAG, 
        storeName);

If you are developing with RMS you often need to run Office programs in a PreProduction hierarchy.
Many articles have been written on how to set up a PreProduction environment.
A nice article on how to setup Office 2007 in a PreProduction env can be found >here<

I have heard rumors that some customers did not instantly upgrade to the new and shiny Office 2007 and still use the old office 2003, and here is a way on setting it up:

1. get the PreProduction keys and the genmanifest tool
   
   
2. create a MCF file for the application: You will need the MSO.DLL, OLE32.DLL and of course winword.exe and msdrm.dll:
   

   AUTO-GUID
   "C:\\projects\\PreProductionKeys\\ISVTier5AppSigningPrivKey.dat"
   
   MODULELIST
       REQ     "%PROGRAMFILES%\\Microsoft Office\\OFFICE11\\winword.exe"
       REQ     "%COMMONPROGRAMFILES%\\Microsoft Shared\\office11\\mso.dll"  
       req NOHASH "%Windowsdir%\\system32\\ole32.dll"  
       opt     "%WINDIR%\\system32\\msdrm.dll"
   
   
   POLICYLIST
       INCLUSION
           PUBLICKEY "C:\\projects\\PreProductionKeys\\ISVTier5AppSigningPubKey.dat"
       EXCLUSION

   (be sure to change the hard-coded path to fit your needs)
   
   
3. create a backup of the XML files in your office installation (located at "%PROGRAMFILES%\\Microsoft Office\\OFFICE11")
   
   
4. run the manifest tool:
   genmanifest -chain "ISVTier5AppSignSDK_Client.xml" WinWord_pre_prod.mcf WRDPRTID.XML
   

Working with a Microsoft CA, you often need to query the CA's database.
To determine the schema of the database you can use certutil to view it:

certutil -schema

this will list the columns, their types, their length and if they are indexed.

Sample:

c:\Program Files\Microsoft Visual Studio 8\VC>certutil -schema
Schema:
  Column Name                   Localized Name                Type    MaxLength
  ----------------------------  ----------------------------  ------  ---------
  Request.RequestID             Request ID                    Long    4 -- Indexed
  Request.RawRequest            Binary Request                Binary  65536
  Request.RawArchivedKey        Archived Key                  Binary  65536
  Request.KeyRecoveryHashes     Key Recovery Agent Hashes     String  8192
  Request.RawOldCertificate     Old Certificate               Binary  16384
  Request.RequestAttributes     Request Attributes            String  32768
  Request.RequestType           Request Type                  Long    4
  Request.RequestFlags          Request Flags                 Long    4
  Request.StatusCode            Request Status Code           Long    4
  Request.Disposition           Request Disposition           Long    4 -- Indexed
  Request.DispositionMessage    Request Disposition Message   String  8192
  Request.SubmittedWhen         Request Submission Date       Date    8
  Request.ResolvedWhen          Request Resolution Date       Date    8 -- Indexed
  Request.RevokedWhen           Revocation Date               Date    8
  Request.RevokedEffectiveWhen  Effective Revocation Date     Date    8 -- Indexed
  Request.RevokedReason         Revocation Reason             Long    4
  Request.RequesterName         Requester Name                String  2048 -- Indexed
  Request.CallerName            Caller Name                   String  2048 -- Indexed
  Request.SignerPolicies        Signer Policies               String  8192
  Request.SignerApplicationPolicies  Signer Application Policies   String  8192
  Request.Officer               Officer                       Long    4
  Request.DistinguishedName     Request Distinguished Name    String  8192
  Request.RawName               Request Binary Name           Binary  4096
  Request.Country               Request Country/Region        String  8192
  Request.Organization          Request Organization          String  8192
  Request.OrgUnit               Request Organization Unit     String  8192
  Request.CommonName            Request Common Name           String  8192
  Request.Locality              Request City                  String  8192
  Request.State                 Request State                 String  8192
  Request.Title                 Request Title                 String  8192
  Request.GivenName             Request First Name            String  8192
  Request.Initials              Request Initials              String  8192
  Request.SurName               Request Last Name             String  8192
  Request.DomainComponent       Request Domain Component      String  8192
  Request.EMail                 Request Email Address         String  8192
  Request.StreetAddress         Request Street Address        String  8192
  Request.UnstructuredName      Request Unstructured Name     String  8192
  Request.UnstructuredAddress   Request Unstructured Address  String  8192
  Request.DeviceSerialNumber    Request Device Serial Number  String  8192
  RequestID                     Issued Request ID             Long    4 -- Indexed
  RawCertificate                Binary Certificate            Binary  16384
  CertificateHash               Certificate Hash              String  128 -- Indexed
  CertificateTemplate           Certificate Template          String  254 -- Indexed
  EnrollmentFlags               Template Enrollment Flags     Long    4
  GeneralFlags                  Template General Flags        Long    4
  SerialNumber                  Serial Number                 String  128 -- Indexed
  IssuerNameID                  Issuer Name ID                Long    4
  NotBefore                     Certificate Effective Date    Date    8
  NotAfter                      Certificate Expiration Date   Date    8 -- Indexed
  SubjectKeyIdentifier          Issued Subject Key Identifier  String  128
  RawPublicKey                  Binary Public Key             Binary  4096
  PublicKeyLength               Public Key Length             Long    4
  PublicKeyAlgorithm            Public Key Algorithm          String  254
  RawPublicKeyAlgorithmParameters  Public Key Algorithm Parameters  Binary  4096
  UPN                           User Principal Name           String  2048 -- Indexed
  DistinguishedName             Issued Distinguished Name     String  8192
  RawName                       Issued Binary Name            Binary  4096
  Country                       Issued Country/Region         String  8192
  Organization                  Issued Organization           String  8192
  OrgUnit                       Issued Organization Unit      String  8192
  CommonName                    Issued Common Name            String  8192 -- Indexed
  Locality                      Issued City                   String  8192
  State                         Issued State                  String  8192
  Title                         Issued Title                  String  8192
  GivenName                     Issued First Name             String  8192
  Initials                      Issued Initials               String  8192
  SurName                       Issued Last Name              String  8192
  DomainComponent               Issued Domain Component       String  8192
  EMail                         Issued Email Address          String  8192
  StreetAddress                 Issued Street Address         String  8192
  UnstructuredName              Issued Unstructured Name      String  8192
  UnstructuredAddress           Issued Unstructured Address   String  8192
  DeviceSerialNumber            Issued Device Serial Number   String  8192

CertUtil: -schema command completed successfully.
c:\Program Files\Microsoft Visual Studio 8\VC>