I recently updated the certificate for two windows console application. In the past we have just renewed the certificate but this was not possible this time as our 3rd party provider no longer allows this. This time a new certificate was created with a slightly amended name. Two applications use this certificate one is working and the other is getting the below error each time it is run.
Exception (CryptographicException)
System.Security.Cryptography.CryptographicException: Keyset does not exist
Server stack trace: at
System.Security.Cryptography.Utils.CreateProvHandle(CspParameters parameters, Boolean randomKeyContainer) at
System.Security.Cryptography.Utils.GetKeyPairHelper(CspAlgorithmType keyType, CspParameters parameters, Boolean randomKeyContainer, Int32 dwKeySize, SafeProvHandle& safeProvHandle, SafeKeyHandle& safeKeyHandle) at
System.Security.Cryptography.RSACryptoServiceProvider.GetKeyPair() at
System.Security.Cryptography.X509Certificates.X509Certificate2.get_PrivateKey() at
System.IdentityModel.Tokens.X509AsymmetricSecurityKey.get_PrivateKey() at
System.IdentityModel.Tokens.X509AsymmetricSecurityKey.GetSignatureFormatter(String algorithm) at
System.IdentityModel.SignedXml.ComputeSignature(SecurityKey signingKey) at
System.ServiceModel.Security.WSSecurityOneDotZeroSendSecurityHeader.CompletePrimarySignatureCore(SendSecurityHeaderElement[] signatureConfirmations, SecurityToken[] signedEndorsingTokens, SecurityToken[] signedTokens, SendSecurityHeaderElement[] basicTokens) at
System.ServiceModel.Security.SendSecurityHeader.CompleteSignature() at
System.ServiceModel.Security.SendSecurityHeader.CompleteSecurityApplication() at
System.ServiceModel.Security.SecurityAppliedMessage.OnWriteMessage(XmlDictionaryWriter writer) at
System.ServiceModel.Channels.BufferedMessageWriter.WriteMessage(Message message, BufferManager bufferManager, Int32 initialOffset, Int32 maxSizeQuota) at
System.ServiceModel.Channels.TextMessageEncoderFactory.TextMessageEncoder.WriteMessage(Message message, Int32 maxMessageSize, BufferManager bufferManager, Int32 messageOffset) at
System.ServiceModel.Channels.HttpOutput.SerializeBufferedMessage(Message message) at System.ServiceModel.Channels.HttpOutput.Send(TimeSpan timeout) at
System.ServiceModel.Channels.HttpChannelFactory.HttpRequestChannel.HttpChannelRequest.SendRequest(Message message, TimeSpan timeout) at
System.ServiceModel.Channels.RequestChannel.Request(Message message, TimeSpan timeout) at
System.ServiceModel.Channels.SecurityChannelFactory`1.SecurityRequestChannel.Request(Message message, TimeSpan timeout) at
System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout) at
System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation) at
System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)
Exception rethrown at [0]: at
System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg) at
System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)
I have loaded the certificate to the appropriate certificate store. I have given the users full access right. I have given "everyone" access to the certificate. I have even identified the physical file with the private and given the users full control to this. Still no success.
Below is an extract from the config file that sets the configuration for accessing the certificate:
<clientCertificate
findValue="certifcatesubjectishere"
storeLocation="LocalMachine"
storeName="TrustedPeople"
x509FindType="FindBySubjectName"
/>
Any help or suggestions would be greatly appreciated at this stage.
