Thanks Crypt32
i would have a lat confirm of

" no, because senders needs to have recipient's public certificate in order to encrypt it for selected recipient."
does this means, Receiver need to buy a public CA cert for someone send encrypted mail to self? but Sender does not need to buy any public CA cert?

Thank you for the help
i still have confusing about

it shows subject type is user, i wondor how to identify whether is computer or user cert?

it is 12 R2
i type the commands from certreq -f -new cert.inf cert.req, certreq -submit cert.req cert.cer, certreq -accept cert.cer
it returns error immediately, but still complete the commands

Thank you Crypt32
your help is awsome

Hi, i use on premise NDES, want to have a test tool

Hi LanHuang
i can use the "Webview2" in VS2019, but it can not pass the proxy, and no working example after searching internet, do you have any workable reference code?
i tried a obsoleted bulid in "Webbroswer", it will ask the login for proxy, but it shows script error when broswering some normal page, i suppose it only for former version html, css, any old stuffs, so ofcourse it obsoleted.

Sorry for my description not clear,
i want to write a C# program to call and auto submit a form which is the normal page,
after the page return, it will be a file path for download a file, i cannot find any sample like this
thank you

i want to auto enroll a cert, the public CA require to submit a pin 16digits, some text number
and next page, there is a download button to download a cert file,
i want to do this programmingly, rather than i manual do 1 by 1
thank you

Yes, it is a public CA "Hong Kong Post" web site,
it only support normal page web form, no web service no API

i checked that .net has latest "webview2", obsoleted "webbroswer" component from nuget, but "webview2" not display anything, do you have any idea?

i looked into PKIview -> AIA, but there are 1 root CA, 2 Ent CA which all are necessary.
but i still thank you for the advice, you helped me so much in other problem,
i will try to figure it out myself

hi GeorgMatviak-7378
thank you for the information
i cannot make chnage no production,
and i want to know the root cause, there is only 1 ldap link in cert's AIA properties, but 3 times checking, these 3 checked ldap link are totally the same,
just ignore the error seems not good, thank you

Hi Crypt32
i understant the concept you said, but i still cannot figure out how my company's policy can make auto enrollment happen
please allow me to ask more question here

i rsop the result
1. does only enable Automatic certicate management is good enough to auto enroll?
2. "Enroll new cert, renew expired, process pending request and remove revoked", does it minds it supports update enrolled cert if renew, remove, hold for newing?
3. "update and manage cert that use cert template from AD", what means?
4. does this policy applied from "Default setting"? what policy exactlly ?

thank you

Thank you Crypt32

Thank you Crypt32

Thank you Crypt32