Hello,

I'm working on an ASP.NET web application that takes in an encrypted data
token and decrypts it. On my Windows XP box, I have created a public/private
key pair using makecert.exe and imported it into the LocalMachine/MY
certificate store. However, when I get the encrypted token, I'm getting the
following error in my ASP page:

Certificate for recipient(s) specified in the EnvelopedData object cannot be
found.

Now, when I run the exact same code as a standalone application, it works -
this leads me to believe that my problem is permissions-oriented. I have
downloaded and used the WinHTTPCertConfig tool to grant the ASPNET,
IUSR_machinename and IWAM_machinename accounts private key access to the
LOCAL_MACHINE\My key store. But when I access the local machine MY store and
iterate through the certificates, I am still getting an error accessing the
private key of the certificate that I want.

Does anybody have a suggestion for getting ASPNET access to the private keys?

TIA,

Scott