Skip to main content
Sign Out

Welcome to Dell

My Account
  • Place orders quickly and easily
  • View orders and track your shipping status
  • Enjoy members-only rewards and discounts
  • Create and access a list of your products
  • Manage your Dell EMC sites, products, and product-level contacts using Company Administration.
Sign In Create an Account Dell Financial Services Premier Sign In Partner Program Sign In
Contact Us

Your Dell.com Carts

Article Number: 000126117

How to Verify Certificate Type in Dell Encryption

Summary: This article provides information for verifying certificate provider types.

This article may have been automatically translated. If you have any feedback regarding its quality, please let us know using the form at the bottom of this page.

Article Content

Symptoms

Affected Products:

  • Dell Encryption
  • Dell Data Protection | Encryption

Cause

Not Applicable

Resolution

Verifying Cert Provider Types

Updating Certificates - Users are unable to access various parts of Dell Encryption (formerly Dell Data Protection | Encryption), Mainly Remote Management Console (RMC).

Sometimes users have trouble accessing the RMC or issues with Dell Encryption due to the wrong Cert Provider Type being used. This is not an issue with Dell Encryption, but rather with the .net that Dell Encryption is built to use. So when using or upgrading third-party certs, always verify that the Cert Provider Type is correct, Provider = Microsoft RSA Channel Cryptographic Provider.

In order to verify the Cert Provider Type you must run the certutil from within a Command Prompt.

  1. Open a Command Prompt (CMD).

Command Prompt
Figure 1: (English Only) Command Prompt

  1. From the Prompt Type: certutil –store my

Type: certutil –store my
Figure 2: (English Only) Type: certutil –store my

  1. Validate Cert Type

Validate Cert Type
Figure 3: (English Only) Validate Cert Type

The two types are listed Below;

Good - Microsoft RSA Channel Cryptographic Provider:

Good Microsoft RSA Channel Cryptographic Provider
Figure 4: (English Only) Good Microsoft RSA Channel Cryptographic Provider

Bad - Microsoft Software Key Storage Provider:

Bad Microsoft Software Key Storage Provider
Figure 5: (English Only) Bad Microsoft Software Key Storage Provider

Steps for modifying your internal CA to specify "Cert Type" are below.

  1. Alter the template on the Internal CA to specify the use of the Legacy Cryptographic Service Provider.

Alter Template
Figure 6: (English Only) Alter Template

  1. They must duplicate an existing template to a new template if they do not already have a template that can be used for Legacy Cryptographic Service Provider. The provider type cannot be changed once the template is created.

Duplicate Template
Figure 7: (English Only) Duplicate Template

  1. Customize the template to meet security standards. On the Cryptography tab, ensure to select the Provider Category as Legacy Cryptographic Service Provider.

Customize the template
Figure 8: (English Only) Customize the template

  1. Request a new certificate from the internal CA selecting this new template. The requesting computer must have permissions to enroll certificates with this template.

To contact support, reference Dell Data Security International Support Phone Numbers.
Go to TechDirect to generate a technical support request online.
For additional insights and resources, join the Dell Security Community Forum.

Article Properties

Affected Product

Dell Encryption

Last Published Date

03 Apr 2024

Version

8

Article Type

Solution

Back to Top