在Classic ASP中使用X509证书的Web服务安全性

Question

我正在尝试从经典ASP调用C＃dll - 这个dll调用web服务。运行该ASP站点的人曾经问过我为他创建这个dll并且遇到了很多问题。他告诉我他有一个* .crt文件，dll应该使用它来调用他的基于SSL的Web服务。

因为这是经典的ASP，不得不使它成为一个COM对象，并通过代码配置服务和端点，如下所示：

BasicHttpBinding binding = new BasicHttpBinding();
binding.Name = "Service1Binding";
binding.CloseTimeout = System.TimeSpan.Parse("00:01:00");

binding.OpenTimeout = System.TimeSpan.Parse("00:01:00");
binding.ReceiveTimeout = System.TimeSpan.Parse("00:10:00");
binding.SendTimeout = System.TimeSpan.Parse("00:01:00");

binding.AllowCookies = false;
binding.BypassProxyOnLocal = false;
binding.HostNameComparisonMode = System.ServiceModel.HostNameComparisonMode.StrongWildcard;

binding.MaxBufferSize = 65536;
binding.MaxBufferPoolSize = 524288;
binding.MaxReceivedMessageSize = 65536;

binding.MessageEncoding = System.ServiceModel.WSMessageEncoding.Text;
binding.TextEncoding = System.Text.Encoding.UTF8;
binding.TransferMode = System.ServiceModel.TransferMode.Buffered;

binding.UseDefaultWebProxy = true;
binding.ReaderQuotas.MaxDepth = 32;
binding.ReaderQuotas.MaxStringContentLength = 8192;

binding.ReaderQuotas.MaxArrayLength = 16384;
binding.ReaderQuotas.MaxBytesPerRead = 4096;
binding.ReaderQuotas.MaxNameTableCharCount = 16384;

binding.Security.Mode = System.ServiceModel.BasicHttpSecurityMode.None;
binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.None;
binding.Security.Transport.ProxyCredentialType = HttpProxyCredentialType.None;

binding.Security.Transport.Realm = "";
binding.Security.Mode = BasicHttpSecurityMode.TransportWithMessageCredential;
binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Certificate;
binding.Security.Message.ClientCredentialType = BasicHttpMessageCredentialType.Certificate;
binding.Security.Message.AlgorithmSuite = System.ServiceModel.Security.SecurityAlgorithmSuite.Default;

EndpointAddress endpoint =
    new EndpointAddress("https://webservice.XXXX.com/Service1.svc");

var cert = new X509Certificate2(certPath); //local path to *.crt file
Service1.ServiceClient client = new Service1.ServiceClient(binding, endpoint);
client.ClientCredentials.ClientCertificate.Certificate = cert;

var result = client.HelloWorld();

首先我得到了一个Forbidden异常，因此我将Security.Mode更改为BasicHttpSecurityMode.TransportWithMessageCredential。现在，我收到了这个错误：

  

X.509证书中没有私钥

是在商店中查找证书，还是使用我提供的路径？我怎样才能做到这一点？