Databases
StackOverflow2013
Postsdbo
PO
Body
 

Note that there are some explanatory texts on larger screens.

plurals
  1. PO
    text
    copied!<p>Generally you give permissions to <strong>A</strong> certificate. I use a method like this to find the custom made cert and grant permissions. If you are using a cert issued by a public entity like Verisign, Thawte, etc, this is probably unnecessary.</p> <pre><code>FindPrivateKey.exe My LocalMachine –n "CN=&lt;certificate issuer&gt;" </code></pre> <p>...will find certificates on the local machine in the personal store for a particular issuer. </p> <p><em>Note: If FindPrivateKey is not on your local machine, download the WCF samples, including the FindPrivateKey tool, at <a href="http://www.microsoft.com/downloads/details.aspx?FamilyId=2611A6FF-FD2D-4F5B-A672-C002F1C09CCD&amp;displaylang=en" rel="noreferrer">http://www.microsoft.com/download/en/details.aspx?displaylang=en&amp;id=21459</a></em></p> <p>FindPrivateKey returns the location of the private key for the certificate, similar to </p> <pre><code>"C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\Machinekeys\4d657b73466481beba7b0e1b5781db81_c225a308-d2ad-4e58-91a8-6e87f354b030". </code></pre> <p>Run the following command line to assign read only access permissions to the process identity of the ASP.NET/WCF Service</p> <pre><code>cacls.exe "C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\Machinekeys\4d657b73466481beba7b0e1b5781db81_c225a308-d2ad-4e58-91a8-6e87f354b030" /E /G "NT AUTHORITY\NETWORK SERVICE":R </code></pre> <p>NOTE: If you are running Microsoft Windows® XP, give the certificate permissions for the ASPNET identity instead of the NT Authority\Network Service identity, because the IIS process runs under the ASPNET account in Windows XP.</p> <p>Certificates are viewable from the MMC snap in for Certificates. Open MMC, choose File --> Add/Remove Snap in, click the add button and choose certificates. From here you will need to choose the appropriate store (usually Computer Account - Local Computer for ASP.NET items) to manage and then you can view/admin the certs. </p> <p>Please take a good hard look at the different command line options, and make sure that you have a clear understanding of what certificates are and how they work before granting any permissions.</p>
 

Querying!

 
Guidance
An individual column

Larger individual text columns get their own page to allow for proper reading.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload