Good day
I am having serious issues trying to assign a private key due to this error.
```
System.Security.Cryptography.CryptographicException: Keyset does not exist
```

```csharp
var store = new X509Store(StoreName.My, StoreLocation.LocalMachine);
store.Open(OpenFlags.ReadOnly);
var col = store.Certificates.Find(X509FindType.FindBySerialNumber, "00873476DC47C5BB614EA96F2A9CE744A6", false);
var cert = col[0];
var xmlUnSignedSaml = new XmlDocument();
xmlUnSignedSaml.LoadXml(assertion);
xmlUnSignedSaml.PreserveWhitespace = true;
SignedXml signedXml = new SignedXml(xmlUnSignedSaml);
signedXml.SigningKey = cert.PrivateKey; //<<<--- Exception thrown.
```

I have verified the following:
- The certificate HAS a private key.
- Read permissions on the certificate are granted to IUSR, NETWORK SERVICE, LOCAL SERVICE and the local user context on the MMC Console. The certificate is in the LocalMachine - Personal folder.
- Same Read permissions are given to the machinekeys folder at “C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys”.
I have checked the answers at the following pages, but absolutely none of them worked for me:
- Stack Overflow User @blowdart's answer
- MSDN Answer
- Other sites, but that had to do with setting up IIS and getting certificates to work there
I am running the application from within Visual Studio, and at the code segment above, it throws the exception when trying to set the SignedXml's SigningKey.
What else can I do to get this up and running? (Afterthought, I have also tried the "Everyone" permission on the cert and folder - even that threw the same exception)
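
A diagnostic for the checks listed in the question, added here as an example and not part of the original post: it prints the account the process actually runs as, opens the private key the same way `cert.PrivateKey` does, and lists the ACL on the individual key file under `MachineKeys`. The class name `KeyAccessCheck` and the command-line argument are assumptions, and it targets .NET Framework on Windows with an RSA CSP key in the machine key store.

```csharp
// Added diagnostic example, not the poster's code. Assumes .NET Framework on Windows.
using System;
using System.IO;
using System.Security.AccessControl;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using System.Security.Principal;

static class KeyAccessCheck   // hypothetical name
{
    static int Main(string[] args)
    {
        if (args.Length != 1) { Console.Error.WriteLine("usage: KeyAccessCheck <serial-number-hex>"); return 2; }

        // The key-file ACL is evaluated against this account, whichever host started the process.
        Console.WriteLine("Running as: " + WindowsIdentity.GetCurrent().Name);

        var store = new X509Store(StoreName.My, StoreLocation.LocalMachine);
        store.Open(OpenFlags.ReadOnly);
        try
        {
            var found = store.Certificates.Find(X509FindType.FindBySerialNumber, args[0], false);
            if (found.Count == 0) { Console.Error.WriteLine("No certificate with that serial number."); return 1; }
            X509Certificate2 cert = found[0];

            // True when the certificate carries a key reference; the key container is not opened yet.
            Console.WriteLine("HasPrivateKey: " + cert.HasPrivateKey);

            var rsa = cert.PrivateKey as RSACryptoServiceProvider; // opens the container; may throw
            if (rsa == null) { Console.Error.WriteLine("Private key is not an RSA CSP key."); return 1; }

            // Assumption: the key lives in the machine key store, so its file is under MachineKeys.
            CspKeyContainerInfo info = rsa.CspKeyContainerInfo;
            string keyFile = Path.Combine(
                Environment.GetFolderPath(Environment.SpecialFolder.CommonApplicationData),
                @"Microsoft\Crypto\RSA\MachineKeys", info.UniqueKeyContainerName);
            Console.WriteLine("Machine key store: " + info.MachineKeyStore);
            Console.WriteLine("Key file: " + keyFile);

            // List who is allowed or denied access on that one key file.
            FileSecurity acl = new FileInfo(keyFile).GetAccessControl(AccessControlSections.Access);
            foreach (FileSystemAccessRule rule in acl.GetAccessRules(true, true, typeof(NTAccount)))
                Console.WriteLine("  {0} {1}: {2}", rule.AccessControlType, rule.IdentityReference, rule.FileSystemRights);
            return 0;
        }
        catch (CryptographicException ex)
        {
            // "Keyset does not exist" lands here: the key file is missing or this account cannot read it.
            Console.Error.WriteLine("Cannot open private key: " + ex.Message);
            return 1;
        }
        finally { store.Close(); }
    }
}
```

Run once from an elevated prompt to get the key file name and its ACL, then again under the account the application uses; the "Running as" line from the second run is the identity to look for in the first run's ACL listing.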