0

While tweaking a web proxy code, I noticed that if I run the code in an app with UAC (User Access Control) I get an exception

Here is the location where the exception is thrown:

sslStream.AuthenticateAsServer(_certificate, false, SslProtocols.Tls | SslProtocols.Ssl3 | SslProtocols.Ssl2, false);

Here is the error I get (with UAC)

The server mode SSL must use a certificate with the associated private key.

First question: Why?

2nd question: Is there an alternative? I really would like to run this in UAC (note that http works fine)

Dinis Cruz
  • 4,161
  • 2
  • 31
  • 49
  • Is this a duplicate? http://stackoverflow.com/questions/23044914/c-sharp-ssl-server-mode-must-use-a-certificate-with-the-corresponding-private-ke – Christoph Sep 03 '15 at 04:16

2 Answers2

0

Have you installed the certificate in the appropriate certificate store?

From what I remember when working with certificates, the file that you load is only used as a reference to identify the server certificate in one of the Windows certificate stores. If the proxy is running under one account but not the other, maybe you didn't install the certificate in that other account's personal certificate store.

Christoph
  • 2,211
  • 1
  • 16
  • 28
0

It sounds like the private key to your certificate is probably located somewhere with restricted file access. This is so that not just any user can read your private key. What is the purpose of running your service with limited privileges? If the key is only for this service, you may consider removing the security limitations on the folder it is in, but if this key is for your whole domain, I would be hesitant to do that...

therealmitchconnors
  • 2,732
  • 1
  • 18
  • 36
  • nope the private key is in a place where the current script can read from (in this case the O2 Platform scripts folder), so there must be something else – Dinis Cruz Dec 06 '11 at 18:07