Last post Oct 07, 2015 12:26 AM by Christru
Sep 06, 2015 11:22 PM|Alan Zhao
I am developing a web application that uses X509Certificate2 to get a private key from a certification file. The code snippet looks like the following:
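public static RSACryptoServiceProvider GetSignProviderFromPfx()
{
    // Verbatim string so the backslashes in the path are not read as escape sequences
    var strFileName = @"c:\cer\mycerfile.pfx";
    var strPassword = "000000";
    X509Certificate2 pc = new X509Certificate2(strFileName, strPassword, X509KeyStorageFlags.MachineKeySet);
    // The next line is where the CryptographicException is thrown
    var ThePrivateKey = pc.PrivateKey;
    return (RSACryptoServiceProvider)ThePrivateKey;
}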
But the statement pc.PrivateKey causes a System.Security.Cryptography.CryptographicException, "Invalid provider type specified". I'm sure the certification file has no problem; it really has a private key. And the property pc.HasPrivateKey also returns true.
The test environment is VS2013, Windows 7.
I also tried the following:
a. I debugged it in VS2013 with IIS Express; the problem occurred.
b. I debugged it on another computer with the same environment as mine; the problem occurred too.
c. I published the application to a server with IIS running on Windows Web Server 2008 R2; it worked fine.
d. I published the application to a Windows Azure website; it also worked fine.
Therefore, I guess the code snippet has no problem. The key reason for the exception is that there may be some problem with the running environment. I checked and compared the read/write rights on the certification file in the different environments; all of them are the same.
Can anybody help?
Sep 08, 2015 01:04 AM|lextm
The reference code is available, so you might dig further into the call stack.
At least you cannot assume the PrivateKey is always RSACryptoServiceProvider.
Oct 07, 2015 12:26 AM|Christru
Your certificate is using a different provider type. I would venture to guess CNG in some envs instead of RSA.
Dump the cert info using certutil or openssl to check the provider type. Then update your code accordingly.
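An added example, not code from any poster in this thread, showing one way to follow the two replies above: take the key through the abstract RSA type so that a CNG-backed key does not fail the way pc.PrivateKey does. It assumes .NET Framework 4.6 or later for GetRSAPrivateKey() (4.7.2 or later for the constructed sample certificate); the PfxSigner class, its method names and the sample password are hypothetical.

```csharp
using System;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using System.Text;

static class PfxSigner // hypothetical helper, not from the thread
{
    // Returns the key as the abstract RSA type, so CAPI-backed
    // (RSACryptoServiceProvider) and CNG-backed (RSACng) keys both work.
    public static RSA GetRsaKey(X509Certificate2 cert)
    {
        if (!cert.HasPrivateKey)
            throw new InvalidOperationException("Certificate has no private key.");
        RSA rsa = cert.GetRSAPrivateKey(); // null when the key is not RSA
        if (rsa == null)
            throw new NotSupportedException("Not an RSA key: " + cert.GetKeyAlgorithm());
        return rsa;
    }

    public static byte[] Sign(X509Certificate2 cert, byte[] data)
    {
        using (RSA rsa = GetRsaKey(cert))
        {
            // Shows which implementation this environment handed back.
            Console.WriteLine("Key implementation: " + rsa.GetType().Name);
            return rsa.SignData(data, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
        }
    }

    static void Main()
    {
        // Constructed sample: a throwaway self-signed certificate exported to
        // PFX bytes in memory, so the example needs no certificate file on disk.
        byte[] pfx;
        using (RSA key = RSA.Create(2048))
        {
            var req = new CertificateRequest("CN=constructed-sample", key,
                HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
            using (var tmp = req.CreateSelfSigned(DateTimeOffset.UtcNow, DateTimeOffset.UtcNow.AddDays(1)))
                pfx = tmp.Export(X509ContentType.Pfx, "sample-password");
        }
        using (var cert = new X509Certificate2(pfx, "sample-password"))
        {
            byte[] data = Encoding.UTF8.GetBytes("message to sign");
            byte[] sig = Sign(cert, data);
            using (RSA pub = cert.GetRSAPublicKey())
                Console.WriteLine("Signature verifies: " +
                    pub.VerifyData(data, sig, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1));
        }
    }
}
```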