Menu
I have a server certificate working with my WCF service.
However when I run the webservice I seem to have a permissions problem.
[ArgumentException: The certificate 'CN=S80' must have a private key that is capable of key exchange. The process must have access rights for the private key.]
Any idea?
663
On Windows servers, the OS manages your certificate files for you in a hidden folder, but you can retrieve the private key by exporting a “. pfx” file that contains the certificate(s) and private key. Open Microsoft Management Console (MMC). In the Console Root expand Certificates (Local Computer).
Step 1: Go to folder (C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA). Step 2: Open properties for MachineKeys Folder and go to Security Tab. Step 3: Provide Read & execute and List folder contents permission for IUserand Network Service account.
Assuming you have the full public/private key pair you haven't granted access to the private key of the certificate to the process your WCF service is running under.
Now how you do this depends on your OS version and how you are hosting the service but this article provides instructions that should work in for XP and Windows 2003.
For Windows 2008/Vista/Win7 the process is slightly easier. Start MMC and add the Certificate Snap-in, selecting the right container owner for your SSL certificate. Find the certificate (it's probably in the personal store), right click on it and choose All Tasks > Manage Private key. Grant read access to the private key to the user hosting your service.
98
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
