Signing using X509 certificates

Signing using X509 certificates

Post by UmFq » Sat, 11 Sep 2004 09:07:03


Hi,
Iam trying to sign XML messages using X509 certificate.The problem Iam
facing is extracting the private key out of the X509 certificate ..I know
that the private key is not stored as part of the .cer files but shouldn't it
be part of the .pl2 files .I tried with that format as well but no luck..All
Iam trying to do is as below and use the created "Key" for signing later..

X509Certificate cert =
X509Certificate.CreateCertFromFile("c:\\a.cer");
RSACryptoServiceProvider Key = new RSACryptoServiceProvider();
RSAParameters private = cert.Key.ExportParameters( true );
Key.ImportParameters( private );

but Iam getting errors saying that

"System.ComponentModel.Win32Exception : Cannot find the certificate and
private key for decryption" when I try to set the exportParameters to true..

Any thoughts?
 
 
 

Signing using X509 certificates

Post by Qm9iIEZsYW » Sat, 02 Oct 2004 01:21:01

How did you install your certificate? What store did you put it in?

There are a lot of messages about setting the security on the
"MachineKeys" folder and subsequent responses indicating that the
resetting security has no effect, but if you installed the cert in the
Local Machine/Personal folder, it is because the certificates are not
in "MachineKeys", they are in the folder RSA/S-1-{MoreValuesHere}
folder.

So, to get access to the keys, look for the folder:

\Documents and Settings\All Users\Application
Data\Microsoft\Crypto\RSA\S-1-...

folder(s). Look at the dates on the files in the folder(s) to see when
the cert was installed. If a file with the correct date in in a
folder, set the permissions on the folder (with appropriate
inheritance for children) and try your app again. This worked for me.

(In my case, my app worked fine on XP, but when I tried to install and
run it on Win2003, the "cannot find" error started to occur. It took a
couple of days of playing and searching to come up with this answer.)