H
hagaiy
Has anyone else come across this?
We are building an ASP.Net application that uses a certificate and
private key in the local machine store. (we are testing it both on
windows 2000 & 2003)
We failed accessing the private key of the certificate and as we tried
to figure out what is the problem we came across the following
Microsoft Article:
http://support.microsoft.com/default.aspx?scid=kb;en-us;327587
(slightly different scenario, but similar), this article suggests
adding permissions to the ASPNET account to the "i:\Documents and
Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys"
folder.
After that we added the permissions to the ASPNET account the
application was able to work with the private key but we started seeing
strange behavior in other places.
For example, trying to import a pfx file into the local computer store
caused the following error:
"An internal error occurred. This can be either the user profile is not
accessible or the private key that you are importing might require a
cryptographic service provider that is not installed on your system."
the same operation works fine without adding the permissions for the
ASPNET user, i can't understand why adding permissions to a user would
cause other users problems ?
If this expected behavior when setting permissions on MachineKeys? Is
there a way to avoid this?
Any info would be great,
Thanks,
Hagai.
We are building an ASP.Net application that uses a certificate and
private key in the local machine store. (we are testing it both on
windows 2000 & 2003)
We failed accessing the private key of the certificate and as we tried
to figure out what is the problem we came across the following
Microsoft Article:
http://support.microsoft.com/default.aspx?scid=kb;en-us;327587
(slightly different scenario, but similar), this article suggests
adding permissions to the ASPNET account to the "i:\Documents and
Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys"
folder.
After that we added the permissions to the ASPNET account the
application was able to work with the private key but we started seeing
strange behavior in other places.
For example, trying to import a pfx file into the local computer store
caused the following error:
"An internal error occurred. This can be either the user profile is not
accessible or the private key that you are importing might require a
cryptographic service provider that is not installed on your system."
the same operation works fine without adding the permissions for the
ASPNET user, i can't understand why adding permissions to a user would
cause other users problems ?
If this expected behavior when setting permissions on MachineKeys? Is
there a way to avoid this?
Any info would be great,
Thanks,
Hagai.