“我的”证书店去吗? [英] Where did 'My" certificate store go?
问题描述
因为我真棒,我试图运行最新的WIF演示应用程序使用VS2k10 B2在我的7盒... 64位当然(我的颈部很强)我有一个问题,让它运行。 p>
整个演示的一部分需要我在本地机器上安装一些证书。问题是,他们要求我将一些网站证书安装到名为 LocalMachine / My 的证书存储中。好,现在似乎没有任何 /我的。出现了一个名为个人的可疑类似商店,但如果我在其中安装证书并更改配置以查看 LocalMachine / Personal ,则应用无法正常工作。
如果我在 TrustedPeople 中安装证书(根据我尝试使用Personal时抛出的异常,它被认为是有效的位置),是足够了吗?
Windows Identity Foundation测试项目可以是位于: http://claimsbasedwpf.codeplex.com
例外:
属性名称:'certificateReference'
错误:'ID1025:找不到唯一的
符合条件的证书。
StoreName:'My'StoreLocation:
'LocalMachine'X509FindType:
'FindBySubjectDistinguishedName'
FindValue:'CN = busta-rpsts.com''
.NET是指不同于windows的商店。这是一个正确的痛苦的屁股。当.NET谈到我的商店Windows时,它指的是个人商店。
你放在哪里取决于他们的目的。个人存储用于您将使用的证书,其中既有公钥也有私钥。受信任的人员存储用于您(通常)只有公共密钥并希望为这些证书添加显式信任的证书。
还请记住,如果您使用证书来加密您的用户帐户,则必须能够访问私钥。对于在LocalMachine / My中安装的证书,管理员将会,但是,例如,NETWORK SERVICE不会。您需要专门授予对私钥的访问权限。
Because I'm awesome I'm trying to run the latest WIF demo app using VS2k10 B2 on my 7 boxen... 64bit of course (my neckbeard is strong) I'm having a problem getting it running.
Part of the whole demo thing requires I install some certificates on the local machine. Problem is that they ask me to install some of the website certs into a certificate store called LocalMachine/My. Well, there doesn't appear to be any /My anymore. There appears a suspiciously similar store called Personal, but the app doesn't work if I install the certs there and change the configurations to look in LocalMachine/Personal.
If I install the certs in TrustedPeople (it's mentioned as a valid location by the exception that was thrown when I attempted to use Personal), is that sufficient? Would doing this be considered bad form on a production machine?
The Windows Identity Foundation test project can be found at: http://claimsbasedwpf.codeplex.com
The exception:
Property name: 'certificateReference' Error: 'ID1025: Cannot find a unique certificate that matches the criteria. StoreName: 'My' StoreLocation: 'LocalMachine' X509FindType: 'FindBySubjectDistinguishedName' FindValue: 'CN=busta-rpsts.com''
The .NET refers to the stores differently than windows does. Which is a right pain in the butt. When .NET talks about the My store Windows refers to it as the Personal store.
Where you put certs depends on their purpose. The Personal store is for certificates you will use, where you have both the public and private key. The Trusted People store is for certificates where you (normally) only have the public key and want to add an explicit trust for those certificates.
Also remember if you are using a certificate to encrypt your user account must have access to the private key. For certificates installed in LocalMachine/My then administrators will but, for example, NETWORK SERVICE will not. You will need to specifically grant access to the private key.
这篇关于“我的”证书店去吗?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
