Table of Contents

Are there any types of certificates that are not supported by the Security Token Service?

Yes. The Pega Robotic Automation Security Token Service does not support CNG (Cryptography Next Generation) certificates.

There are two ways to determine if a certificate is a CNG certificate:

  • Do a p/invoke of CertGetCertificateContextProperty, and inspect dwProvType on the returned CertGetCertificateContextProperty.
  • Use the certutil command from the command line to query the certificates.

If the ProviderType (rgProvParam) and KeySpec (dwKeySpec) are zero (0), it is a CNG private key. Here is the format of the command that you would use to list the certificate properties:

<span>certutil -v -store [StoreName]</span>

For example, use the following command:

<span>certutil -v -store my</span>
Use the certutil –store –? command to get Help on the –store command.
Suggest Edit

100% found this useful

Have a question? Get answers now.

Visit the Pega Support Community to ask questions, engage in discussions, and help others.