Databases
StackOverflow2013
Postsdbo
PO
Body
 

Note that there are some explanatory texts on larger screens.

plurals
  1. PO
    text
    copied!<p>More than likely, when you are running from Visual Studio/Cassini, it is accessing your <strong>user</strong> certificate store, even though you're loading it from bytes. Could you please try this and see if it solves your issue:</p> <pre><code>var certificate = new X509Certificate( cert.CertificatePKCS12, "SomePassword", X509KeyStorageFlags.MachineKeySet); </code></pre> <p>This will cause IIS (which runs as the ASP.NET user which likely doesn't have access to a user store) to use the Machine store.</p> <p><a href="http://msdn.microsoft.com/en-us/library/ms148393.aspx" rel="noreferrer">This page</a> explains the constructor in more detail, and <a href="http://msdn.microsoft.com/en-us/library/system.security.cryptography.x509certificates.x509keystorageflags.aspx" rel="noreferrer">this page</a> explains the <code>X509KeyStorageFlags</code> enumeration.</p> <p><strong>Edit:</strong> Based on the <a href="https://stackoverflow.com/questions/6097380/asp-net-mvc-an-internal-error-occurred-when-loading-certificate-bytes-with-x">second link</a> from <a href="https://stackoverflow.com/users/276386/cyphr">cyphr</a>, it looks like it might be a good idea (if the previous solution doesn't work), to combine some of the <code>FlagsAttribute</code> enumeration values like so:</p> <pre><code>var certificate = new X509Certificate( cert.CertificatePKCS12, "SomePassword", X509KeyStorageFlags.MachineKeySet | X509KeyStorageFlags.PersistKeySet | X509KeyStorageFlags.Exportable); </code></pre> <p>Additionally, if you have access, you may want to try changing your Application Pool setting to use LocalService (and then restart the AppPool). This may elevate your permissions to an appropriate level if that is the problem.</p> <p>Finally, you can use <a href="http://msdn.microsoft.com/en-us/library/system.io.file.writeallbytes.aspx" rel="noreferrer"><code>File.WriteAllBytes</code></a> to write out the <code>CertificatePKCS12</code> contents to a pfx file and see if you can manually import it using the certificate console under MMC (you can delete after successful import; this is just to test). It could be that your data is getting munged, or the password is incorrect.</p>
 

Querying!

 
Guidance
An individual column

Larger individual text columns get their own page to allow for proper reading.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload