I have a bit of code that signs and encrypts some text based on two certificates. The code is working locally. An important detail to get the code to work was that I checked the checkbox "Mark the key as exportable" when importing the certificates on my developer machine.
I have now uploaded the certificates to my Azure App Service in the "Private Key Certificates" section below the app service TLS/SSL settings. But this upload functionality did not seem to have a feature similar to the important checkbox from before.
When running the code that was working locally in the context of my app service I get this exception:
System.Security.Cryptography.CryptographicException, Key not valid for use in specified state
I expect that this is also the exception I would get locally, if I had not marked the certificate as exportable.
Any ideas on how to fix this?
Unfortunately, this is not supported. While you can use the private key to sign or decrypt, it's not exportable. This intended design is to prevent unintended delegation. I would advise access to those by other means. Perhaps uploading your certificate to Key Vault and retrieving it from there.
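The distinction the answer draws, using the private key to sign or decrypt without exporting it, shown as an added example that is not code from the question or the answer. It assumes an RSA certificate that the app can read from the CurrentUser\My store (on a Windows App Service plan this requires the WEBSITE_LOAD_CERTIFICATES app setting); the thumbprint is a placeholder and the class and method names are hypothetical.

```csharp
using System;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using System.Text;

static class InPlaceKeyUse
{
    // Placeholder: replace with the thumbprint of the uploaded certificate.
    const string Thumbprint = "<CERT_THUMBPRINT>";

    static X509Certificate2 LoadFromStore(string thumbprint)
    {
        // Assumption: the certificate has been loaded into CurrentUser\My.
        using var store = new X509Store(StoreName.My, StoreLocation.CurrentUser);
        store.Open(OpenFlags.ReadOnly);
        // validOnly: false so a self-signed certificate is still returned.
        var found = store.Certificates.Find(X509FindType.FindByThumbprint, thumbprint, false);
        if (found.Count == 0)
            throw new InvalidOperationException("Certificate not found in CurrentUser\\My.");
        return found[0];
    }

    static void Main()
    {
        using X509Certificate2 cert = LoadFromStore(Thumbprint);
        byte[] message = Encoding.UTF8.GetBytes("constructed sample text");

        // GetRSAPrivateKey returns a handle to the key; the key material stays in
        // the key store. Calling ExportParameters(true) or ToXmlString(true) on it
        // is an export and throws CryptographicException for a non-exportable key.
        using RSA priv = cert.GetRSAPrivateKey()
            ?? throw new InvalidOperationException("No RSA private key on this certificate.");
        using RSA pub = cert.GetRSAPublicKey()
            ?? throw new InvalidOperationException("No RSA public key on this certificate.");

        // Signing uses the private key in place; verification needs only the public key.
        byte[] sig = priv.SignData(message, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
        bool ok = pub.VerifyData(message, sig, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
        Console.WriteLine("signature verifies: " + ok);

        // Decryption also works without export. OAEP with SHA-1 is used here because
        // both the CNG and the legacy CAPI RSA providers accept it.
        byte[] ct = pub.Encrypt(message, RSAEncryptionPadding.OaepSHA1);
        byte[] pt = priv.Decrypt(ct, RSAEncryptionPadding.OaepSHA1);
        Console.WriteLine("decrypt round trip: " + Encoding.UTF8.GetString(pt));
    }
}
```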