问题描述

我有一个的WinForms 应用程序消耗WCF和作为参数传递给函数的证书：

I have a WinForms application that consumes a WCF, and pass as a parameter to a function a certificate:

mySvcClient.SendDocument(cert.Export(X509ContentType.SerializedCert, "password"));
...

在WCF服务后，我重新创建从字节数组证书：

In WCF service, I recreated the certificate from the array of bytes:

public void SendDocument (byte[] binaryCert)
{
     X509Certificate2 cert = new X509Certificate2(binaryCert, "password");
...

但使用证书签署XML时，我得到了错误键集不存在：

But when using the certificate to sign a xml, I got the error "Keyset does not exist":

if (cert.HasPrivateKey) // WORKS!!!
{
    signedXml.SigningKey = cert.PrivateKey; // THROW "keyset does not exist" EXCEPTION
...

在我的电脑，应用程序的工作100％！ ！但在Web服务器，我得到这个错误

In my computer, the application works 100%! But in the WebServer, I got this error!

现在的问题是：偶X509Certificate2从字节数组重建，我需要访问私钥一些特殊的权限

The question is: even X509Certificate2 recreated from an array of bytes, I need some special permission to access private key?

感谢您！

推荐答案

我也遇到这个问题，我的证书在哪里有私钥，但我得到这个错误（键集不存在）

I have faced this issue, my certificates where having private key but i was getting this error("Keyset does not exist")

原因：您的网站站点下运行网络服务帐户，或有较少的特权

Cause: Your web site is running under "Network services" account or having less privileges.

解决方法：更改应用程序池标识本地系统重置IIS 并再次检查。如果它开始的工作是许可/特权较低的问题，你也可以模拟然后使用其他帐户。

Solution: Change Application pool identity to "Local System", reset IIS and check again. If it starts working it is permission/Less privilege issue, you can impersonate then using other accounts too.

这篇关于x509证书 - 键集不存在的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！