Give Access to Certificate in Store

    mikker_123 wrote (#1):

    I just want to add X509Certificate to store, and enable user to read its private key. I snatched part of code from here but it won't work.

        private static void PlaceInStore(X509Certificate2 cert)
        {
            X509Store store = new X509Store(StoreName.My, StoreLocation.LocalMachine);
            try
            {
                store.Open(OpenFlags.ReadWrite);
                using (RSACryptoServiceProvider csp = cert.PrivateKey as RSACryptoServiceProvider)
                {
                    CspKeyContainerInfo kci = csp.CspKeyContainerInfo;
                    CryptoKeySecurity cks = kci.CryptoKeySecurity;
                    cks.SetAccessRule(new CryptoKeyAccessRule("ARCHITECT\\testuser", CryptoKeyRights.FullControl, AccessControlType.Allow));
                }
                if (!store.Certificates.Contains(cert))
                    store.Add(cert);
            }
            finally
            {
                store.Close();
            }
        }

    Help anyone?

      blackjack2150 wrote (#2):

      I once had to do a similar thing - adding a certificate to a particular certificate store. And I discovered something very strange: Nothing happened if I used the Add method, but if instead I used the AddRange method it worked. AddRange takes as parameter a collection of certificates. Just create a new collection, add your certificate to it and call AddRange. And never lose your hope. :)

        mikker_123 wrote (#3):

        Dunno... Add method works great for me. Anyways I found some kind of solution googling, it works, but I don't like it. Anyways, if someone has better solution please post, until then I'll use this:

            using System;
            using System.IO;
            using System.Security.AccessControl;
            using System.Security.Cryptography;
            using System.Security.Cryptography.X509Certificates;
            using System.Security.Principal;

            // Adds the certificate to LocalMachine\My, then grants the user access to its key file.
            private static void PlaceInStore(X509Certificate2 cert)
            {
                X509Store store = new X509Store(StoreName.My, StoreLocation.LocalMachine);

                try
                {
                    store.Open(OpenFlags.ReadWrite);

                    if (!store.Certificates.Contains(cert))
                        store.Add(cert);

                    // Use the certificate instance held by the store from here on.
                    int indexInStore = store.Certificates.IndexOf(cert);
                    cert = store.Certificates[indexInStore];

                    AddAccessToCertificate(cert, "ARCHITECT\\testuser");
                }
                finally
                {
                    store.Close();
                }
            }

            // Edits the NTFS ACL of the private key's container file directly.
            private static void AddAccessToCertificate(X509Certificate2 cert, string user)
            {
                RSACryptoServiceProvider rsa = cert.PrivateKey as RSACryptoServiceProvider;

                if (rsa != null)
                {
                    string keyfilepath =
                        FindKeyLocation(rsa.CspKeyContainerInfo.UniqueKeyContainerName);

                    FileInfo file = new FileInfo(keyfilepath + "\\" +
                        rsa.CspKeyContainerInfo.UniqueKeyContainerName);

                    FileSecurity fs = file.GetAccessControl();

                    NTAccount account = new NTAccount(user);
                    fs.AddAccessRule(new FileSystemAccessRule(account,
                        FileSystemRights.FullControl, AccessControlType.Allow));

                    file.SetAccessControl(fs);
                }
            }

            // Returns the directory that holds the key container file: the machine key
            // store is checked first, then the per-user location.
            private static string FindKeyLocation(string keyFileName)
            {
                string text1 =
                    Environment.GetFolderPath(Environment.SpecialFolder.CommonApplicationData);
                string text2 = text1 + @"\Microsoft\Crypto\RSA\MachineKeys";
                string[] textArray1 = Directory.GetFiles(text2, keyFileName);
                if (textArray1.Length > 0)
                {
                    return text2;
                }
                string text3 =
                    Environment.GetFolderPath(Environment.SpecialFolder.ApplicationData);
                string text4 = text3 + @"\Microsoft\Cry
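
Added example, not code from any poster in this thread: the `CryptoKeySecurity` change attempted in post #1 is only persisted when the key container is reopened with a `CspParameters` that carries the modified ACL, which avoids editing the key file by hand as in post #3. It assumes .NET Framework, a CSP-backed RSA key in the machine key store and an elevated process, and it grants `GenericRead` rather than `FullControl`; the class and method names are hypothetical.

```csharp
using System;
using System.Security.AccessControl;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using System.Security.Principal;

static class PrivateKeyAcl   // hypothetical helper, not from the thread
{
    // Grants read-only access to the private key of a certificate that is
    // already in LocalMachine\My. Assumes a CAPI (CSP) key, not a CNG key.
    public static void GrantRead(X509Certificate2 cert, string account)
    {
        var rsa = cert.PrivateKey as RSACryptoServiceProvider;
        if (rsa == null)
            throw new NotSupportedException(
                "No CSP-backed RSA private key on this certificate.");

        CspKeyContainerInfo info = rsa.CspKeyContainerInfo;

        // Resolve the name to a SID first so a mistyped account fails here.
        var sid = (SecurityIdentifier)new NTAccount(account)
            .Translate(typeof(SecurityIdentifier));

        var cspParams = new CspParameters(
            info.ProviderType, info.ProviderName, info.KeyContainerName)
        {
            Flags = CspProviderFlags.UseExistingKey |
                    CspProviderFlags.UseMachineKeyStore,
            KeyNumber = (int)info.KeyNumber,
            // Start from the container's current ACL so existing entries are kept.
            CryptoKeySecurity = info.CryptoKeySecurity
        };
        cspParams.CryptoKeySecurity.AddAccessRule(new CryptoKeyAccessRule(
            sid, CryptoKeyRights.GenericRead, AccessControlType.Allow));

        // Editing the CryptoKeySecurity object alone changes nothing on disk;
        // the ACL is written when the container is opened with these parameters.
        using (new RSACryptoServiceProvider(cspParams)) { }
    }
}
```

Call it with the certificate instance read back from the opened store, for example `PrivateKeyAcl.GrantRead(cert, "ARCHITECT\\testuser")`.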
        
          DotNet_Naeem wrote (#4):

          Hi Mikker, I know it's been a longgggggggggggggggggggggg time since you have replied to this post but I bumped into your post and I wanna do exactly what you have mentioned... but the problem I am facing is that I am confused as to how to call the PlaceInStore() function? I tried using HTTPHandlers in WCF service but it didn't work so I am kinda stuck now. Please help?? Anybody??? :) Naeem

            SHUBHAM SHARMA 0 wrote (#5):

            How can we work if we have to access the remote server certificates? For remote server it is showing an exception: keyset not found. Thanks in advance. Please enlighten me.
