【发布时间】:2015-11-23 05:15:59
【问题描述】:
我最近更新了两个 Windows 控制台应用程序的证书。过去我们刚刚更新了证书,但这次不可能,因为我们的第 3 方提供商不再允许这样做。这次创建了一个新证书,名称稍作修改。使用此证书的两个应用程序一个正在运行,另一个在每次运行时都会出现以下错误。
Exception (CryptographicException)
System.Security.Cryptography.CryptographicException: Keyset does not exist
Server stack trace: at
System.Security.Cryptography.Utils.CreateProvHandle(CspParameters parameters, Boolean randomKeyContainer) at
System.Security.Cryptography.Utils.GetKeyPairHelper(CspAlgorithmType keyType, CspParameters parameters, Boolean randomKeyContainer, Int32 dwKeySize, SafeProvHandle& safeProvHandle, SafeKeyHandle& safeKeyHandle) at
System.Security.Cryptography.RSACryptoServiceProvider.GetKeyPair() at
System.Security.Cryptography.X509Certificates.X509Certificate2.get_PrivateKey() at
System.IdentityModel.Tokens.X509AsymmetricSecurityKey.get_PrivateKey() at
System.IdentityModel.Tokens.X509AsymmetricSecurityKey.GetSignatureFormatter(String algorithm) at
System.IdentityModel.SignedXml.ComputeSignature(SecurityKey signingKey) at
System.ServiceModel.Security.WSSecurityOneDotZeroSendSecurityHeader.CompletePrimarySignatureCore(SendSecurityHeaderElement[] signatureConfirmations, SecurityToken[] signedEndorsingTokens, SecurityToken[] signedTokens, SendSecurityHeaderElement[] basicTokens) at
System.ServiceModel.Security.SendSecurityHeader.CompleteSignature() at
System.ServiceModel.Security.SendSecurityHeader.CompleteSecurityApplication() at
System.ServiceModel.Security.SecurityAppliedMessage.OnWriteMessage(XmlDictionaryWriter writer) at
System.ServiceModel.Channels.BufferedMessageWriter.WriteMessage(Message message, BufferManager bufferManager, Int32 initialOffset, Int32 maxSizeQuota) at
System.ServiceModel.Channels.TextMessageEncoderFactory.TextMessageEncoder.WriteMessage(Message message, Int32 maxMessageSize, BufferManager bufferManager, Int32 messageOffset) at
System.ServiceModel.Channels.HttpOutput.SerializeBufferedMessage(Message message) at System.ServiceModel.Channels.HttpOutput.Send(TimeSpan timeout) at
System.ServiceModel.Channels.HttpChannelFactory.HttpRequestChannel.HttpChannelRequest.SendRequest(Message message, TimeSpan timeout) at
System.ServiceModel.Channels.RequestChannel.Request(Message message, TimeSpan timeout) at
System.ServiceModel.Channels.SecurityChannelFactory`1.SecurityRequestChannel.Request(Message message, TimeSpan timeout) at
System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout) at
System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation) at
System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)
Exception rethrown at [0]: at
System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg) at
System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)
我已将证书加载到相应的证书存储区。我已授予用户完全访问权限。我已授予“每个人”访问证书的权限。我什至已经将物理文件标识为私有文件,并让用户完全控制它。还是没有成功。
以下是配置文件的摘录,用于设置访问证书的配置:
<clientCertificate
findValue="certifcatesubjectishere"
storeLocation="LocalMachine"
storeName="TrustedPeople"
x509FindType="FindBySubjectName"
/>
在此阶段,我们将不胜感激任何帮助或建议。
【问题讨论】:
-
这对我有用。非常感谢您的帮助。
标签: c# permissions x509certificate private-key system.security