Loading X509Certificate results in exception CryptographicException "Cannot find the original signer"

Question

I am trying to instantiate an X509Certificate object, but I keep running into the same CryptographicException, with the error message:

"Cannot find the original signer".

I have tried several ways of loading the certificate:

// some different things that I have tried
var cert = X509Certificate.CreateFromCertFile(certFileName);
var cert2 = new X509Certificate(byteArray);
var cert3 = new X509Certificate(byteArray, secretString);
var cert4 = X509Certificate.CreateFromSignedFile(certFileName);

I have tried both loading from a file and from a byte array. Each time I get the same error. What could be causing this?

score 17 · Accepted Answer · answered Oct 09 '13 at 13:13

17

I figured out the problem. I was attempting to load just the certificate file, which did not include the private key. To fix the problem, I had to install the private key on the machine on which the certificate was purchased, and then export it as a .pfx file and move it to where I actually wanted to use it. I'm sure was a newbie mistake. Hopefully, my silly issue will help other newbies in the future.

answered Oct 09 '13 at 13:13

MrCodeMnky

835
1
6
18

1

Isn't sending the private key through the internet a security leak? – Ozkan Sep 07 '18 at 11:40

score 4 · Answer 2 · answered Feb 08 '18 at 03:45

4

        var collection = new X509Certificate2Collection();
        collection.Import(byteArray);
        return collection;

via https://stackoverflow.com/a/44073265, by https://stackoverflow.com/users/6535399, who writes crypto for msft - e.g. https://github.com/dotnet/corefx/pull/25920

answered Feb 08 '18 at 03:45

user326608

2,210
1
26
33

This is a much better solution. – Matt Small Jan 17 '20 at 18:55

Loading X509Certificate results in exception CryptographicException "Cannot find the original signer"

2 Answers2

Linked