访问证书时出错:密钥集不存在
本文关键字:密钥 不存在 出错 证书 访问 | 更新日期: 2023-09-27 18:10:11
我最近更新了两个windows控制台应用程序的证书。在过去,我们只是更新了证书,但这次不可能,因为我们的第三方提供商不再允许这样做。这一次创建了一个名称稍作修改的新证书。两个使用此证书的应用程序,一个正常工作,另一个每次运行时都得到以下错误。
Exception (CryptographicException)
System.Security.Cryptography.CryptographicException: Keyset does not exist
Server stack trace: at
System.Security.Cryptography.Utils.CreateProvHandle(CspParameters parameters, Boolean randomKeyContainer) at
System.Security.Cryptography.Utils.GetKeyPairHelper(CspAlgorithmType keyType, CspParameters parameters, Boolean randomKeyContainer, Int32 dwKeySize, SafeProvHandle& safeProvHandle, SafeKeyHandle& safeKeyHandle) at
System.Security.Cryptography.RSACryptoServiceProvider.GetKeyPair() at
System.Security.Cryptography.X509Certificates.X509Certificate2.get_PrivateKey() at
System.IdentityModel.Tokens.X509AsymmetricSecurityKey.get_PrivateKey() at
System.IdentityModel.Tokens.X509AsymmetricSecurityKey.GetSignatureFormatter(String algorithm) at
System.IdentityModel.SignedXml.ComputeSignature(SecurityKey signingKey) at
System.ServiceModel.Security.WSSecurityOneDotZeroSendSecurityHeader.CompletePrimarySignatureCore(SendSecurityHeaderElement[] signatureConfirmations, SecurityToken[] signedEndorsingTokens, SecurityToken[] signedTokens, SendSecurityHeaderElement[] basicTokens) at
System.ServiceModel.Security.SendSecurityHeader.CompleteSignature() at
System.ServiceModel.Security.SendSecurityHeader.CompleteSecurityApplication() at
System.ServiceModel.Security.SecurityAppliedMessage.OnWriteMessage(XmlDictionaryWriter writer) at
System.ServiceModel.Channels.BufferedMessageWriter.WriteMessage(Message message, BufferManager bufferManager, Int32 initialOffset, Int32 maxSizeQuota) at
System.ServiceModel.Channels.TextMessageEncoderFactory.TextMessageEncoder.WriteMessage(Message message, Int32 maxMessageSize, BufferManager bufferManager, Int32 messageOffset) at
System.ServiceModel.Channels.HttpOutput.SerializeBufferedMessage(Message message) at System.ServiceModel.Channels.HttpOutput.Send(TimeSpan timeout) at
System.ServiceModel.Channels.HttpChannelFactory.HttpRequestChannel.HttpChannelRequest.SendRequest(Message message, TimeSpan timeout) at
System.ServiceModel.Channels.RequestChannel.Request(Message message, TimeSpan timeout) at
System.ServiceModel.Channels.SecurityChannelFactory`1.SecurityRequestChannel.Request(Message message, TimeSpan timeout) at
System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout) at
System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation) at
System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)
Exception rethrown at [0]: at
System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg) at
System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)
我已将证书加载到适当的证书存储区。我给了用户完全的访问权限。我已经给了"每个人"访问证书的权限。我甚至已经确定了物理文件与私人,并给予用户完全控制。还是没有成功。
下面是配置文件的摘录,它设置了访问证书的配置:
<clientCertificate
findValue="certifcatesubjectishere"
storeLocation="LocalMachine"
storeName="TrustedPeople"
x509FindType="FindBySubjectName"
/>
我知道现在回答已经太晚了,但它可能对其他人有用。我在IIS中安装WCF应用程序时遇到了同样的问题,我用winhttpcertcfg解决了这个问题。它是Windows授予/撤销证书权限的官方程序。这里可以找到using instructions