x509证书构造异常 [英] X509Certificate Constructor Exception

问题描述

//cert is an EF Entity and 
//    cert.CertificatePKCS12 is a byte[] with the certificate.

var certificate = new X509Certificate(cert.CertificatePKCS12, "SomePassword");

当装载从我们的数据库中的证书，我们的临时服务器（Windows 2008 R2 / IIS7.5）上，我们得到这个异​​常：

When loading a certificate from our database, on our staging server (Windows 2008 R2/IIS7.5) we get this exception:

System.Security.Cryptography.CryptographicException: An internal error occurred.

   at System.Security.Cryptography.CryptographicException.ThrowCryptographicException(Int32 hr)
   at System.Security.Cryptography.X509Certificates.X509Utils._LoadCertFromBlob(Byte[] rawData, IntPtr password, UInt32 dwFlags, Boolean persistKeySet, SafeCertContextHandle& pCertCtx)
   at System.Security.Cryptography.X509Certificates.X509Certificate.LoadCertificateFromBlob(Byte[] rawData, Object password, X509KeyStorageFlags keyStorageFlags)

注意：：此问题不会发生在本地（的Windows 7 /卡西尼）

NOTE: This issue does not happen locally (Windows 7/Casini).

任何了解大大AP preciated。

Any insight is greatly appreciated.

推荐答案

原来有一个在IIS应用程序池的配置（应用程序池高级设置>）加载应用程序池标识用户的用户配置文件设置。如果设置为false，则密钥容器是不可访问。

Turns out there's a setting in the IIS Application Pool configuration (Application Pools > Advanced Settings) to load the user profile for the application pool identity user. When set to false, the key containers aren't accessible.

这篇关于x509证书构造异常的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！