Skip to main content

.NET - CryptographicException 'Keyset does not exist'

When you use the certificate to do signing and encryption, you may encounter this exception:
CryptographicException 'Keyset does not exist'

One possibility of this error is that the caller has not read permission of the private certificate using. By granting the read permission to the private certificate, the problem is solved.

Following these steps to grant read permission to private certificate:


  1. In Windows -> Run, type mmc to open Microsoft Management Console
  2. In MMC, click File -> Add/Remove Snap-in...
  3. Choose "Certificates", then click "Add" 
  4. In the popup window, choose "Computer account" and then click "Next"
  5. Choose "Local computer" and click "Finish" to close popup window
  6. Click "OK" to close "Add or Remove Snap-ins" dialog.
  7. Go to "Personal"  certificates store on the left navigation
  8. Found the certificate on the right panel and right click it and choose "All Tasks" -> "Manage Private Keys..."
  9. In the "Security" pop-up window, add the user you want and grant the read permission to it.

Comments

Post a Comment

Popular posts from this blog

Manage IIS 7 remotely using PowerShell and AppCmd

We can use  Windows PowerShell remoting features  to manage IIS 7 websites remotely.  Currently, remoting is supported on Windows Vista with Service Pack 1 or later, Windows 7, Windows Server 2008, and Windows Server 2008 Release 2.  Start Windows PowerShell as an administrator by right-clicking the Windows PowerShell shortcut and selecting Run As Administrator .  Enable PowerShell Remoting with Enable-PSRemoting -Force Starting a Remote Session using:  Enter-PSSession -ComputerName <COMPUTER> -Credential <USER> Now the PowerShell connected to the remote server. Any commands issued with work against the remote server. We can use the Appcmd.exe command line tool to manage remote server just as what we do locally. For example, to add an application pool: c:\windows\system32\inetsrv\appcmd add apppool /name:"Contoso" /managedPipelineMode:Integrated /managedRuntimeVersion:"v4.0" /enable32BitAppOnWin64:true To change application pool for a
Post a Comment
Read more

Entity framework code first error: OriginalValues cannot be used for entities in the Added state

When I was using Entity framework code first, I encountered an error when I tried to create an entity into database. The entity is: [ Table (" EmployeeProfile ")]     public partial class EmployeeProfile     {         [ Key ]         [DatabaseGeneratedAttribute(DatabaseGeneratedOption.Identity)]         public int EmployeeProfileID { get; set; }         [ ForeignKey ("Employee")]         public int EmployeeID { get; set; }         public virtual Employee Employee { get; set; }         [ ForeignKey (" Profile ")]         public int ProfileID { get; set; }         public virtual Profile Profile { get; set; }         [ Required ]         [ StringLength (255)]         public string ProfileValue { get; set; }     } When creating the entity, some entities have the ProfileValue="", this causes the EntityValidationException with the detailed message " OriginalValues cannot be used for entities in the Added state ". I want to allow the Prof
Post a Comment
Read more

X509Certificate2: The system cannot find the file specified.

When I use the new X509Certificate2(fileName, password, X509KeyStorageFlags.DefaultKeySet) to create certificate from certificate file containing private key in my web application, I got following error message: System . Security . Cryptography . CryptographicException : The system cannot find the file specified . at System . Security . Cryptography . CryptographicException . ThrowCryptogaphicException ( Int32 hr ) at System . Security . Cryptography . X509Certificates . X509Utils . _LoadCertFromBlob ( Byte [] rawData , IntPtr password , UInt32 dwFlags , Boolean persistKeySet , SafeCertContextHandle & pCertCtx ) at System . Security . Cryptography . X509Certificates . X509Certificate . LoadCertificateFromBlob ( Byte [] rawData , Object password , X509KeyStorageFlags keyStorageFlags ) at System . Security . Cryptography . X509Certificates . X509Certificate2 .. ctor ( Byte [] rawData , String password , X509KeyStorageFlags keyStorageFlags ) In orde
10 comments
Read more