我最近更新了两个Windows控制台应用程序的证书。在过去,我们刚刚更新了证书,但这次不可能,因为我们的第三方提供商不再允许这样做。这次使用略微修改的名称创建了新证书。两个应用程序使用此证书,一个正在运行,另一个应用程序每次运行时都会收到以下错误。
Exception (CryptographicException)
System.Security.Cryptography.CryptographicException: Keyset does not exist
Server stack trace: at
System.Security.Cryptography.Utils.CreateProvHandle(CspParameters parameters, Boolean randomKeyContainer) at
System.Security.Cryptography.Utils.GetKeyPairHelper(CspAlgorithmType keyType, CspParameters parameters, Boolean randomKeyContainer, Int32 dwKeySize, SafeProvHandle& safeProvHandle, SafeKeyHandle& safeKeyHandle) at
System.Security.Cryptography.RSACryptoServiceProvider.GetKeyPair() at
System.Security.Cryptography.X509Certificates.X509Certificate2.get_PrivateKey() at
System.IdentityModel.Tokens.X509AsymmetricSecurityKey.get_PrivateKey() at
System.IdentityModel.Tokens.X509AsymmetricSecurityKey.GetSignatureFormatter(String algorithm) at
System.IdentityModel.SignedXml.ComputeSignature(SecurityKey signingKey) at
System.ServiceModel.Security.WSSecurityOneDotZeroSendSecurityHeader.CompletePrimarySignatureCore(SendSecurityHeaderElement[] signatureConfirmations, SecurityToken[] signedEndorsingTokens, SecurityToken[] signedTokens, SendSecurityHeaderElement[] basicTokens) at
System.ServiceModel.Security.SendSecurityHeader.CompleteSignature() at
System.ServiceModel.Security.SendSecurityHeader.CompleteSecurityApplication() at
System.ServiceModel.Security.SecurityAppliedMessage.OnWriteMessage(XmlDictionaryWriter writer) at
System.ServiceModel.Channels.BufferedMessageWriter.WriteMessage(Message message, BufferManager bufferManager, Int32 initialOffset, Int32 maxSizeQuota) at
System.ServiceModel.Channels.TextMessageEncoderFactory.TextMessageEncoder.WriteMessage(Message message, Int32 maxMessageSize, BufferManager bufferManager, Int32 messageOffset) at
System.ServiceModel.Channels.HttpOutput.SerializeBufferedMessage(Message message) at System.ServiceModel.Channels.HttpOutput.Send(TimeSpan timeout) at
System.ServiceModel.Channels.HttpChannelFactory.HttpRequestChannel.HttpChannelRequest.SendRequest(Message message, TimeSpan timeout) at
System.ServiceModel.Channels.RequestChannel.Request(Message message, TimeSpan timeout) at
System.ServiceModel.Channels.SecurityChannelFactory`1.SecurityRequestChannel.Request(Message message, TimeSpan timeout) at
System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout) at
System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation) at
System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)
Exception rethrown at [0]: at
System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg) at
System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)
我已将证书加载到相应的证书库。我已经为用户提供了完全访问权限。我给了#34;每个人"访问证书。我甚至用私有文件识别了物理文件,并让用户完全控制它。仍然没有成功。
以下是配置文件的摘录,用于设置访问证书的配置:
<clientCertificate
findValue="certifcatesubjectishere"
storeLocation="LocalMachine"
storeName="TrustedPeople"
x509FindType="FindBySubjectName"
/>
在此阶段,我们将非常感谢任何帮助或建议。
答案 0 :(得分:0)
我知道回答为时已晚,但对其他人有用。我在IIS中安装WCF应用程序时遇到了同样的问题,我使用winhttpcertcfg解决了它。它是Windows的官方程序,用于授予/撤消证书的权限。您可以使用instractions找到Here。