使用X509Certificate2获取PrivateKey会导致CryptographicException“指定了无效的提供者类型". [英] Using X509Certificate2 to get PrivateKey causes CryptographicException "Invalid provider type specified"

问题描述

所有人

我正在开发一个Web应用程序，该应用程序使用X509Certificate2从认证文件中获取私钥.代码段如下所示:

    public static RSACryptoServiceProvider GetSignProviderFromPfx()
    {
        var strFileName = "c:\cer\mycerfile.pfx";
        var strPassword = "000000";            
        X509Certificate2 pc = new X509Certificate2(strFileName, strPassword, X509KeyStorageFlags.MachineKeySet);
        var ThePivateKey = pc.PrivateKey;

        return (RSACryptoServiceProvider)ThePivateKey;
    }

但是语句pc.Privatekey导致System.Security.Cryptography.CryptographicException指定了无效的提供程序类型".我确定认证文件没有问题，它确实具有私钥.并且属性pc.HasPrivateKey也返回true.

测试环境是VS2013，窗口7.

我还尝试了以下操作:

a.我在VS2013中使用iis express对其进行了调试，出现了问题.

b.我在与我的环境相同的另一台计算机上对其进行了调试，该问题也发生了.

c.我将该应用程序发布到了在Windows Web Server 2008 R2上运行iis的服务器上，它运行良好.

d.我已将该应用程序发布到寡妇azure网站上，也很好用.

因此，我想代码段没有问题.引发异常的主要原因是运行环境可能存在一些问题.我检查并比较了在不同环境中对认证文件的读写权限，它们都是相同的.

有人可以帮忙吗?

谢谢.

解决方案

我遇到了同样的问题，这就是我要解决的问题.希望这也会对您有帮助.

我们必须在应用程序池高级设置中将加载用户配置文件"设置为True

您也可以在我认为的web.config中进行设置.

But the statement pc.Privatekey causes a System.Security.Cryptography.CryptographicException "Invalid provider type specified" . I'm sure the certification file has no problem, it really has a private key. And the property pc.HasPrivateKey is also return true.

The test environment is VS2013, window 7.

I also tried following:

a. I debugged it in VS2013 with iis express, the problem occured.

b. I debugged it in another computer with same enviroment with mine, the problem occured too.

c. I published the application to a server with iis running on Windows Web Server 2008 R2, it worked fine.

d. I published the application to widows azure website, it also worked fine.

Therefore, I guess the code snippet has no problem. The key reason raising the exception is that there may be some problem about running environment. I checked and compared the reading/writing right on the certification file in different environment, all of them are same.

Anybody can help?

Thanks.

解决方案

I have been having the same problem and this is what I did to solve it. Hopefully this will help you too.

We had to set Load User Profile to True in the app pools advanced settings

You can also set it in the web.config I believe.

https://blogs.msdn.microsoft.com/vijaysk/2009/03/08/iis-7-tip-3-you-can-now-load-the-user-profile-of-the-application-pool-identity/

这篇关于使用X509Certificate2获取PrivateKey会导致CryptographicException“指定了无效的提供者类型".的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！