X509Certificate2 p12 is store required?

Question

Question when running the following code:

X509Certificate2 cert = new X509Certificate2(@"C:\file.p12", "password", X509KeyStorageFlags.Exportable);
RSACryptoServiceProvider crypt = (RSACryptoServiceProvider)cert.PrivateKey;

I get the following error: Keyset does not exist.

I have not added the certificate to a store, is this required to be able to access the private key?

score 12 · Accepted Answer · edited May 23 '17 at 12:33

12

Add the X509KeyStorageFlags.PersistKeySet option to the last argument of the X509Certificate2 constructor. Otherwise, when it loads the p12 file, it will not load the private key. Specifically:

X509Certificate2 cert = new X509Certificate2(@"C:\file.p12", "password",    
    X509KeyStorageFlags.Exportable | X509KeyStorageFlags.PersistKeySet);
RSACryptoServiceProvider crypt = (RSACryptoServiceProvider)cert.PrivateKey;

If that fails, it may be a file permission issue on where the key is stored. See X509Certificate - Keyset does not exist for an explanation and example.

edited May 23 '17 at 12:33

Community

1
1

answered Sep 11 '12 at 08:40

akton

14,148
3
43
47

@Rutger I added an additional check in the answer. – akton Sep 11 '12 at 08:51
I have not added the certificate to a store, is this required? – Rutger Sep 11 '12 at 08:55
@Rutger The code is not adding to a certificate store but it is storing the private key in the key store (related but different concept). The issue maybe access to the key store. – akton Sep 11 '12 at 08:58
It was indeed an access issue with the key store. – Rutger Sep 13 '12 at 09:23

X509Certificate2 p12 is store required?

1 Answers1

Linked