0

The following code is failing with the following message when trying to output the PrivateKey or PublicKey. (The Thumbprint will output fine.):

The process does not possess the 'SeSecurityPrivilege' privilege which is required for this operation.

If I run as local administrator, it works. How do I get around this issue.

fyi.. the certificate (pfx) is password protected--but not sure how to indicate that in this code snippet.

var certStore = new X509Store(StoreName.My, StoreLocation.LocalMachine);
certStore.Open(OpenFlags.ReadOnly);
string thumbprint = "D80FB0BB6485B6A2DE647812C5AA72A8F7ABA14C";

X509Certificate2Collection certCollection = certStore.Certificates.Find(
    X509FindType.FindByThumbprint,
    thumbprint, false);

// Close the certificate store.
certStore.Close();

if (certCollection.Count == 0)
{
    throw new SecurityException(string.Format(CultureInfo.InvariantCulture, "No certificate was found for thumbprint {0}", thumbprint));
}
Console.WriteLine(certCollection[0].PrivateKey);
abatishchev
  • 98,240
  • 88
  • 296
  • 433
Pete Maroun
  • 2,045
  • 2
  • 18
  • 27
  • When retrieving the PrivateKey or PublicKey property in the Console.WriteLine. I was able to output the Thumbrprint however. I am testing this code in LINQPad, as this is the same error message I get when running this same logic (minus the Console.WriteLine) in my custom WCF ServiceHost. – Pete Maroun Sep 07 '12 at 15:20

1 Answers1

1

You need to grant that account the "Manage auditing and security log rights". See http://support.microsoft.com/kb/2000257/en-US for more information. That is quite strange for a certificate operation, though.

How to view permissions for RSA Key Container may be relevant here, since it discusses requiring the same privilege to access a private key.

The account may have the privilege but it may need to be enabled. See C# Random Exception when Getting / Setting Registry ACL "SeSecurityPrivilege" for sample code.

Community
  • 1
  • 1
akton
  • 14,148
  • 3
  • 43
  • 47