IIS 6私钥证书访问 [英] IIS 6 Private Key certificate access

查看:123
本文介绍了IIS 6私钥证书访问的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我们有一个运行在框架2.0中并托管在IIS 6服务器中的Web asp.net应用程序,而操作系统是Windows Server2003.该Web应用程序正在申请要由Web服务进行身份验证的客户端证书.我们已使用de用户网络服务"来个性化应用程序池.

We have a Web asp.net application running in the framework 2.0 and hosted in an IIS 6 server, and the OS is windows server 2003. The web application is suing a client certificate to be authenticated by a web service. We have impersonalized the application pool with de user "Network Service".

问题是当我们必须访问存储在机器密钥/我的存储器中的证书的私钥时.用户网络服务无法访问密钥.

The problem is when we have to access to the private key of the certificate that is stored in the machine key/my storage. The user Network Service cannot access the key.

我们使用winhttpcertcfg.exe工具为网络服务用户赋予了特权,但是结果是相同的.

We have given privileges to the Network Service user using the winhttpcertcfg.exe tool, however the result is the same.

当我们使用本地管理员来个性化应用程序池时,结果将成功.因此,我们认为问题在于用户的特权.

When we impersonalize the application pool with the local administrator the result is successfully. Therefore we think that the problem is the privileges of the user.

如果有人可以给我们一些信息,我们将不胜感激.

If someone could give us some information about, we would be gratefully.

预先感谢

推荐答案

最后,在获得许多失败的结果之后,我们终于解决了问题,但最终每个问题都有自己的解决方案.

Finally we got to solve the problem after many unsuccessfully results but at finish each problem has its own solution.

我们的解决方案包括为本地计算机创建管理员帐户.之后,我们使用该帐户登录并运行MMC/s命令.我们将证书导入LOCAL_MACHINE/我的商店.

Our solution consists of creating an administrator account for the local machine. After that we log on with this account and run the MMC /s Command. We import the certificate in LOCAL_MACHINE/My store.

第二部分是从管理员组中删除用户,并且我们使用创建的用户为ASP.NET 2.0应用程序创建服务帐户,这样更好在以下URL中进行了解释 http://msdn.microsoft.com/zh-CN /library/ms998297.aspx .

The second part is to remove the user from the administrator group and we create a Service Account for an ASP.NET 2.0 Application with the created user, which is better explained in the following URL http://msdn.microsoft.com/en-us/library/ms998297.aspx.

祝你好运.

这篇关于IIS 6私钥证书访问的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆