Re: X509 Certificate Help

Hi,
You also need to install the private key on the server (Server.PFX instead
of Server.CER) because you need it to do encryption operations.
WSE uses X509 keys in the following way:

Signature -> Client uses private key to sign the message - Server uses
public key to verify the signature
Encryption -> Client uses public key to encrypt the message -> Server uses
the private key to decrypt the message

I hope this can help you
Regards,
Pablo Cibraro
www.lagash.com

"syed javid" <syedjavid@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:D8B3E452-B565-4473-A186-E83DF58375AA@xxxxxxxxxxxxxxxx
> The Cert is in Personal Store and the Web Service is running under Domain
> Administrator account also the cert accessable to ASPNET Account and
> Domain
> Admin.
> Still the same exception.
>
> "Marvin Smit" wrote:
>
>> Hi,
>>
>> Which account is requesting the cert? And is the cert in the Computer
>> or Personal store?
>>
>> Hope this helps,
>>
>> Marvin Smit.
>>
>> On Wed, 31 Aug 2005 03:09:04 -0700, "syed javid"
>> <syedjavid@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote:
>>
>> >Hi,
>> >
>> >I have little confusion about using X509 Certificates. I work with
>> >Signing
>> >of SOAP Message with Private Key (.PFX) having stored at Root Store in
>> >Current user at Client Side and Public Key (.CER) at Local Machine Root
>> >Store at Server Side it works. But I have problem when doing both
>> >Signing and
>> >Encryption of SOAP Message using same Key's and at same location.
>> >Error is Private Key not available.
>> >
>> >Please any help about using of the Private Key and Public Key and
>> >locations
>> >for signing and encryption both.
>> >Is it Possible to use Private Key for both Signing and Encryption or I
>> >have
>> >to use differnet key's for doing both Signing and Encryption.
>> >
>> >Thanks in Advance
>> >
>>
>>


.

Relevant Pages

  • Re: Location of users private key in PKI solution
    ... It sounds as though I should design the system so that the client ... signing/verification technology incorporated into the server. ... Presumably the steps in signing will be as follows: ... > The private key is typically located on the users machine. ...
    (microsoft.public.security)
  • Re: Location of users private key in PKI solution
    ... It sounds as though I should design the system so that the client ... signing/verification technology incorporated into the server. ... Presumably the steps in signing will be as follows: ... > The private key is typically located on the users machine. ...
    (microsoft.public.win2000.security)
  • RE: Signing before Encryption and Signing after Encryption
    ... private key MUST have been used, ... Signing before Encryption and Signing after Encryption ... Key management is a bugger, ...
    (Security-Basics)
  • RE: Signing before Encryption and Signing after Encryption
    ... If both asymmetric keys are used, the private key needs to be ... This only works if the encryption is NOT transitive, ... If the signing is done over the whole message and not just the ... hash of the message with your private key. ...
    (Security-Basics)
  • Re: RSA breaking vs. factoring
    ... affects the two possible usages of RSA both for encryption (first public, ... then private key) and for signing ... are identical to encryption, in reverse order. ... Digital signature generation takes an input message (which may be quite ...
    (sci.crypt)