Private key does not persist even with X509KeyStorageFlags.PersistKeySet
<p>I have been searching for quite a while now, but I am unable to find the answer to the following. I am storing a key pair in Windows Store, and recently started receiving the "Keyset does not exist" error. Investigating a bit further, I found out it could be two things: 1 - the private key is not stored with the persist key set attribute (X509KeyStorageFlags.PersistKeySet), and 2 - access rights to the key. I have tried both 1 and 2 with no success on one machine (in my machine it works apparently). The strange thing is that when I look into Microsoft\Crypto\RSA\MachineKeys (and S-1-5-18) the key remains there, but only for a period of time; then it is deleted, which means that it is not persisting.</p>

<pre><code>using System.Security.Cryptography.X509Certificates;

// If decoded then save as RSACryptoServiceProvider
newCert.PrivateKey = DecodePrivateKey(privateKeyFile, pkPassword);

if (newCert.PrivateKey == null)
    throw new System.NullReferenceException("Decoded private key resulted in a null reference. Unable to store certificate.");

// Export to PFX and re-import with the machine key set and persist flags
byte[] pfx = newCert.Export(X509ContentType.Pfx);
newCert = new X509Certificate2(pfx, string.Empty, X509KeyStorageFlags.MachineKeySet | X509KeyStorageFlags.PersistKeySet);</code></pre>

<p>I am running this code on a WCF Service hosted on IIS, and the certificate is deleted even if I give permissions to Network Service, the AppPoolIdentity, my account, etc. through MMC-CertMgr. Would anyone know why this happens?</p>

<p>Thanks in advance!</p>

<p>UPDATE: I have just found out today that since I am doing this through a WCF service, the application pool is deleting the private key when it reaches its idle time limit, so I am completely sure that it is the application pool the one disposing of the private key, which causes the key to be deleted from the Microsoft\Crypto\RSA\MachineKeys and S-1-5-18 folders. Today I left a test running where I disabled Idle time shut down from the application pool, but I am still not sure if the private key will stop persisting with a restart or something like that?</p>

<p>Would anybody know how to make the application pool stop deleting my private keys?</p>