How to suppress "An application is requesting access to a protected item" popup
I'm getting a pop-up when trying to use a certificate to decrypt data. I'm creating a self-signed certificate, and I'm using it to encrypt some data, but I'm getting the following confirmation pop-up when trying to decrypt the data:
How can I programatically grant access to use the certificate?
I believe the issue is that the certificate's private key has "strong protection" enabled.
Enable strong private key protection. You will be prompted every time the private key is used by an application if you enable this option.
Any attempt to use the private key causes Windows to display the warning.
You have to re-import the certificate without the Strong private key protection option enabled.
Group policy that does the same
It's also possible a system wide group policy is in effect:
- secpol.msc
- Security Settings
- Local Policies
- Security Options
- System Cryptography: Force strong key protection for user keys stored on the computer
- Security Options
- Local Policies
- Security Settings
System Cryptography: Force strong key protection for user keys stored on the computer
This security setting determines if users' private keys require a password to be used.
The options are:
User input is not required when new keys are stored and used User is prompted when the key is first used User must enter a password each time they use a key For more information, see Public key infrastructure.
Default: This policy is not defined.
If that group policy security option is set, you have to disable it.
Bonus Reading
- MSDN Blog: What is a strong key protection in Windows? (archive)
- Technet GP reference: System cryptography: Force strong key protection for user keys stored on the computer (archive)
tl;dr: You cannot programatically bypass a security boundary
- Why does an empty preprocessor command still evaluate to something?
- How to implement variable sized array within C struct
- Character array typecasting to integer
- How can I exclude non-numeric keys? CS50 Caesar Pset2
- How to get the sign, mantissa and exponent of a floating point number
- Why do MCU libraries use logic operations instead of bitfield structs?
- What kind of implementation can I use for a static associative array on a vintage system with very limited resources?
- Determine libraries to link against for a windows library function?
- Passing macro values to arm linker that places variable at a specific location
- running a program with wildcards as arguments
- How to perform addition of two vectors of 8-bit integers with a single addition in C/C++
- GNU RISC-V Embedded GCC throws "x ISA extension `xw' must be set with the versions" error
- Counting pulses using a swiss flow meter with an Arduino, how is it done?
- How to create a folder in C (need to run on both Linux and Windows)
- Is there any way to compute the width of an integer type at compile-time?
- How can I initialize all members of an array to the same value?
- Is C notably faster than C++
- How to get the Windows SDK version number a program is compiling with at compile time
- Confused by difference between expression inside if and expression outside if
- Equivalent of atoi for unsigned integers
- k&r: Exercise 1-18. Program takes input but doesnt produce any output?
- Using in C thrd_sleep() to either wait for time or interrupt by signal. Example?
- How can I compute `exp(x)/2` when `x` is large?
- c programming: answer always equates to 0
- Is it possible to access a parameter of a function from another function in C?
- Will this expression evaluate to true or false (1 or 0) in C?
- What Is the Return Value of strcspn() When Str1 Does not Contain Str2?
- Mapping a numeric range onto another
- Signalled and non-signalled state of event
- Why is faster to do a branch than a lookup?