Re: Adding certificate using X509Store



Hi Phil,

Thanks for your prompt response.

Glad that you've figured out the issue and shared the information with us.

Have a good day!

Sincerely,

Steven Cheng

Microsoft MSDN Online Support Lead

This posting is provided "AS IS" with no warranties, and confers no rights.

--------------------
From: "Phil Lee" <phil.lee@xxxxxxxxxxxxxxxxx>
Subject: Re: Adding certificate using X509Store
Date: Tue, 4 Sep 2007 11:48:23 +0100

Steven,

I think I've solved the problem. The problem was that the private key of the
certificate wasn't being persisted; the certificate itself was ok.

I needed to use:
    X509Certificate2 certificate = new X509Certificate2(Resources.certificate,
        "password", X509KeyStorageFlags.PersistKeySet);

Regards,
Phil Lee

"Steven Cheng[MSFT]" <stcheng@xxxxxxxxxxxxxxxxxxxx> wrote in message
news:NHpc4Cq7HHA.5532@xxxxxxxxxxxxxxxxxxxxxxxxx
> Hi Phil,
>
> From your description, you're using the .NET X509Store class to
> programmatically add X509 certificate into certain cert store, however, you
> found the certificate is not persisted into the physical windows cert store
> after you close the X509Store object, correct?
>
> According to your problem scenario, I've performed some simple test on my
> local test. It seems the X509Store class should be able to persist new
> certificates (you added into it) into the physical store. Here is the test
> code I have used, I've run it on both windows 2003 SP2 and windows XP SP2
> box without any problem.
>
> ====================================
> private void btnInstallCert_Click(object sender, EventArgs e)
> {
>     X509Store store = new X509Store(StoreName.My,
>         StoreLocation.CurrentUser);
>
>     store.Open(OpenFlags.ReadWrite);
>
>     MessageBox.Show("cert count: " + store.Certificates.Count);
>
>     X509Certificate cert =
>         X509Certificate2.CreateFromCertFile(@"e:\temp\cert_temp\InstallTest\InstallTestCert.cer");
>
>     X509Certificate2 cert2 = new X509Certificate2(cert);
>
>     store.Add(cert2);
>
>     store.Close();
>
>     store = new X509Store(StoreName.My, StoreLocation.CurrentUser);
>
>     store.Open(OpenFlags.ReadWrite);
>
>     MessageBox.Show("cert count: " + store.Certificates.Count);
>
>     store.Close();
> }
> ==================================
>
> I think you can also try testing via different certificate (such as creating
> a new simple one) to see whether the problem is also specific to
> certificate. My test certificate is issued using windows 2k3 certificate
> services.
>
> If there is any other finding or question, please feel free to post here.
>
> Sincerely,
>
> Steven Cheng
>
> Microsoft MSDN Online Support Lead
>
> ==================================================
>
> Get notification to my posts through email? Please refer to
> http://msdn.microsoft.com/subscriptions/managednewsgroups/default.aspx#notifications.
>
> Note: The MSDN Managed Newsgroup support offering is for non-urgent issues
> where an initial response from the community or a Microsoft Support
> Engineer within 1 business day is acceptable. Please note that each follow
> up response may take approximately 2 business days as the support
> professional working with you may need further investigation to reach the
> most efficient resolution. The offering is not appropriate for situations
> that require urgent, real-time or phone-based interactions or complex
> project analysis and dump analysis issues. Issues of this nature are best
> handled working with a dedicated Microsoft Support Engineer by contacting
> Microsoft Customer Support Services (CSS) at
> http://msdn.microsoft.com/subscriptions/support/default.aspx.
>
> ==================================================
>
> This posting is provided "AS IS" with no warranties, and confers no rights.
>
> --------------------
> From: "Phil Lee" <phil.lee@xxxxxxxxxxxxxxxxx>
> Subject: Adding certificate using X509Store
> Date: Mon, 3 Sep 2007 15:51:19 +0100
> Lines: 38
>
> Hi,
>
> I'm having an odd problem using X509Store.
>
> This code is called from a test winForms app.
>
> public static void Install()
> {
>     X509Certificate2 certificate = new
>         X509Certificate2(Resources.certificate, "password");
>
>     X509Store store = new X509Store(StoreName.My,
>         StoreLocation.LocalMachine);
>     store.Open(OpenFlags.ReadWrite);
>
>     try
>     {
>         store.Add(certificate);
>     }
>     finally
>     {
>         store.Close();
>     }
> }
>
> Resource.certificate is a byte[] containing the public/private certificate.
>
> When I press the corresponding "Install" button in my app I see the private
> key created in "C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys".
> However as soon as I close the test app the private key is deleted - what is
> going on?
> This behaviour occurs on Vista64 + Win2k3_SP2.
>
> Note that if I install using the mmc in Vista or winhttpcertcfg on Win2k3
> the private key is installed and stays installed.
>
> Re