Re: X509 signing only works when logged in locally

From: Dilip Krishnan (dkrishnan_at_NOSPAM.geniant.com)
Date: 01/24/05 

Date: Mon, 24 Jan 2005 12:31:17 -0800

Hello Metrophobe,
   Make sure IIS is running under aspnet/system account. Also give access
to the the certificate store to these users .

HTH
Regards,
Dilip Krishnan
MCAD, MCSD.net
dkrishnan at geniant dot com
http://www.geniant.com

> I am struggling with some web application X509 signing issues, but was
> finally able to get everything working by setting the web application
> impersonate value to "myuseraccount." Since the key we have to use
> for signing is installed under the "myuseraccount" Personal store and
> not exportable, I think I am stuck having the web app impersonate
> myself.
>
> In any event, everything works fine if I leave myself logged into the
> server on which the app runs. Any users accessing the box remotely
> can run the page that signs a payload. After I log out, however, the
> process no longer works. The Event Viewer app log seems to indicate
> that the certificate for signing was not found, but why should be
> being logged in affect that? Since my code is pulling from
> CurrentUserStore, does that somehow use the currently logged-in user
> store, rather than the store of the impersonate user?
>
> I have played with file, folder, and certificate permissions until my
> fingers bled, but it's possible I missed something. Many thanks in
> advance to anyone who can help solve this one.
>

Relevant Pages

  • Re: Accessing certificate store from ASP.NET web project
    ... My app gives you the name of the private key container - now you only need System.Security.AccessControl to set the necessary ACLs on it. ... case the cert must be in the local computer/personal) store - it will ... certificate two weeks ago. ... different user context than my vb.net web project. ...
    (microsoft.public.dotnet.security)
  • Re: Transparent login to mobile application by logging in to WiFi hot
    ... Well, *if* a certificate were stored in the certificate store, then you ... Smart Device Framework has a cryptography wrapper that you could use). ... I dont want the user to type the username pwd again to login to the app ...
    (microsoft.public.dotnet.framework.compactframework)
  • Detecting certs added to MY store
    ... I need to write an application that monitors the MY store. ... I would like the app to be able to detect when a new ... certificate is added to the store. ...
    (microsoft.public.platformsdk.security)
  • Re: Active Directory Federation Services
    ... that is associated with their profile and the machine itself has a store. ... Just wanted to let you know that I got the cert problem fixed. ... the user certificate store. ... FSP was looking for certs in the local ...
    (microsoft.public.windows.server.active_directory)
  • Re: Accessing certificate store from ASP.NET web project
    ... the cert must be in the local computer/personal) store - it will then open ... Have a look at the source code to open the right cert store... ... One of the locations requires a x509 certificate in order ... different user context than my vb.net web project. ...
    (microsoft.public.dotnet.security)
Loading