000022334 - How to change the default CSP (usually 'Microsoft Enhanced Cryptographic Provider v1.0') to another default on the enrollment page

Document created by RSA Customer Support Employee on Jun 16, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000022334
Applies ToKeon Certificate Authority 6.5.1
Keon Registration Authority 6.5.1
RSA Sign-On Manager 4.1 Client
Microsoft Windows 2000 Server SP4
IssueHow to change the default CSP (usually "Microsoft Enhanced Cryptographic Provider v1.0") to another default on the enrollment page
When users attempt to enroll for a certificate through the Keon Certificate Authority (KCA) or the Keon Registration Authority (KRA) enrollment page at https://<FQDN>:443/request-msie.xuda?domainID=xxxxxx, the list of crypto providers defaults to either "Microsoft Enhanced Cryptographic Provider v1.0" or "Microsoft Base Cryptographic Provider v1.0". If RSA Sign-on Manager Client is installed on the system and users are required to always select "RSA Sign-on Manager CSP" from the list, how can the default be changed from Microsoft CSP to the RSA CSP?
ResolutionThe KCA's or KRA's "request-msie.xuda" template can be updated to accomplish the above. Follow the instructions listed below:

1. Make a backup of <KCA-or-KRA-install-dir>\WebServer\enroll-server\request-msie.xuda

2. Using a text editor, update <KCA-or-KRA-install-dir>\WebServer\enroll-server\request-msie.xuda as in instructed below

3. Search for the following line:

    Dim rStrComp, csp1Found, csp2Found, csp1Index, csp2Index

    Update the above line to the following to define one new custom variable "mycsp0Index":

    Dim rStrComp, csp1Found, csp2Found, csp1Index, csp2Index, mycsp0Index

4. Search for the following line:

    csp2Index = -1

    Add the following line immediately after the above line to initialize the new variable "mycsp0Index":

    mycsp0Index = -1

5. Search for the following line:

    csp1Found = StrComp("Microsoft Enhanced Cryptographic Provider v1.0",selection.text, 1)

    Add the following lines immediately BEFORE the above line to set the new variable "mycsp0Index" if the preferred CSP found:

    If selection.text = "RSA Sign-on Manager CSP" Then
         mycsp0Index = i
    End If

6. Search for the following line:

    If csp1Index > -1 Then
         document.all.CSP.options.selectedIndex = csp1Index
    End If

   Add the following lines immediately AFTER the above lines to set the preferred CSP as default:

    If mycsp0Index > -1 Then
         document.all.CSP.options.selectedIndex = mycsp0Index
    End If

7. Save the above changes

8. The enrollment page would now show "RSA Sign-on Manager CSP", if installed, as the default provider in the CSP list
Legacy Article IDa27918