This article describes how to handle an empty PrivateKey on an X509Certificate2.

Problem description

I have installed a certificate in the local machine store (Win7) with a private key. In C# code I do this:

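        X509Certificate2 cert = null;
        // Open the certificate store read-only and look the certificate up by thumbprint.
        var store = new X509Store(storeName, storeLocation);
        store.Open(OpenFlags.ReadOnly);
        try
        {
            // validOnly is false, so expired or untrusted certificates are returned too.
            var result = store.Certificates.Find(X509FindType.FindByThumbprint, thumbprint, false);
            ServicePointManager.Expect100Continue = true;
            ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls;
            // Accepts every server certificate, i.e. server certificate validation is switched off.
            ServicePointManager.ServerCertificateValidationCallback = delegate { return true; };
            cert = result.Count > 0
                ? result[0]
                : null;
        }
        finally
        {
            store.Close();
        }
        return cert;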

In the cert variable I have my certificate, but something is wrong with it: HasPrivateKey is true but PrivateKey has no object. And if I send it with a REST request in the C# code of my web application, I get errors:

        AcquireCredentialsHandle() failed with error 0X8009030D.
        The request was aborted: Could not create SSL/TLS secure channel.

All rights are granted for the certificate in the store. Please help with it, what is wrong?

Certutil result in Russian (I hide secure info with "***"):

        certutil -store my "cf 35 63 34 14 30 a0 32 ca 4a 58 b9 7a 7a ab 18 a4 47 7d a4"
        ================ Сертификат 0 ================
        Серийный номер: 100030
        Поставщик: ******************************
         NotBefore: 07.07.2015 5:00
         NotAfter: 24.12.2023 4:59
        Субъект: ********************************
        Не корневой сертификат
        Шаблон:
        Хеш сертификата(sha1): cf 35 63 34 14 30 a0 32 ca 4a 58 b9 7a 7a ab 18 a4 47 7d a4
          Контейнер ключа = 94c3b04b44d51674a1b7de89c10bd7d7_09614f03-cc81-44e6-a978-81773242876c
          Простое имя контейнера: CertReq-ceda22d5-2893-496a-b8c1-5c9ceaed82f1
          Поставщик = Microsoft Strong Cryptographic Provider
        Тест шифрования пройден

Solution

I've figured out the problem. I deleted the certificate from the machine store, then exported the installed certificate from the current user store to a .pfx file and imported it into the machine store. Now PrivateKey has an object. One more step: I changed the protocol type from Tls to Tls12 (works for Win7+):

        ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;
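
The re-import described in the answer, followed by a check that the key can really be opened before the certificate is handed to a request, as an added example that is not code from the original post. It assumes .NET Framework 4.6 or later (for `GetRSAPrivateKey`) and an RSA key; the class name `ClientCertCheck` and its method names are hypothetical.

```csharp
using System;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using System.Text.RegularExpressions;

static class ClientCertCheck   // hypothetical helper, not from the post
{
    // Import a .pfx into LocalMachine\My with the key stored as a persisted machine key.
    // Needs an elevated process.
    public static void ImportPfx(string pfxPath, string password)
    {
        var flags = X509KeyStorageFlags.MachineKeySet | X509KeyStorageFlags.PersistKeySet;
        var store = new X509Store(StoreName.My, StoreLocation.LocalMachine);
        store.Open(OpenFlags.ReadWrite);
        try { store.Add(new X509Certificate2(pfxPath, password, flags)); }
        finally { store.Close(); }
    }

    // Find the certificate and fail early if its RSA key cannot really be opened.
    public static X509Certificate2 LoadUsable(string thumbprint)
    {
        // Thumbprints pasted from certutil or MMC can carry spaces or invisible characters.
        string hex = Regex.Replace(thumbprint, "[^0-9A-Fa-f]", "");
        var store = new X509Store(StoreName.My, StoreLocation.LocalMachine);
        store.Open(OpenFlags.ReadOnly);
        try
        {
            var found = store.Certificates.Find(X509FindType.FindByThumbprint, hex, false);
            if (found.Count == 0)
                throw new InvalidOperationException("No certificate with thumbprint " + hex);
            X509Certificate2 cert = found[0];
            if (!cert.HasPrivateKey)
                throw new InvalidOperationException("Certificate has no private key link.");
            try
            {
                using (RSA key = cert.GetRSAPrivateKey())   // null if the key is not RSA
                    if (key == null) throw new InvalidOperationException("No RSA private key.");
            }
            catch (CryptographicException ex)   // key container missing or not readable
            {
                throw new InvalidOperationException("Private key cannot be opened: " + ex.Message, ex);
            }
            return cert;
        }
        finally { store.Close(); }
    }
}
```

Run `LoadUsable` under the same account as the web application, since a key that opens for an administrator may still be unreadable for the application pool identity.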


07-14 17:44