HttpWebRequest not finding SSL client certs in the 'Local Computer' store

[[MSFT]]

Hi Hari,

Is your account an administrator account on the client computer?

Luke
Microsoft Online Support

Get Secure! [url]www.microsoft.com/security[/url]
(This posting is provided "AS IS", with no warranties, and confers no
rights.)

[[MSFT]]

Regarding the issue, I suspect the certificate you used is in incorrect
type (not Computer certificate). You may request a new computer
certificate, and then install that certificate in the local computer
certificate store to see if it will help. Here is an article on how to
manage the certificate, hope this help:

HOW TO: Manage Certificates in Windows 2000
[url]http://support.microsoft.com/default.aspx?scid=kb;en-us;320878[/url]

Luke
Microsoft Online Support

Get Secure! [url]www.microsoft.com/security[/url]
(This posting is provided "AS IS", with no warranties, and confers no
rights.)

[Hari]

What is a "Computer certificate" ? Is there a particular attribute in X509Certificate that the .NET framwork code is looking for to see if it is a "Computer certificate"

I am not getting my certs from Win 2000 CA. I am getting it from my own CA and later from Verisign

regards
har

[Joe Kaplan \(MVP - ADSI\)]

Is it possible that the context the cert is created in doesn't give it
access to the private key? Perhaps you need to use a cert that is installed
in a CAPI store for this to work? I'm not sure exactly how it works, but I
saw that you were using "cert from file" in your code and thought that
perhaps the crypto API can't find the public key for a cert read from disk
like that.

Just a thought,

Joe K.

"Hari" <harimenon@community.nospam> wrote in message
news:3F4E7783-F214-49EA-A7CD-CE1130C8B482@microsoft.com...

> What is a "Computer certificate" ? Is there a particular attribute in

X509Certificate that the .NET framwork code is looking for to see if it is a
"Computer certificate" ?

>
> I am not getting my certs from Win 2000 CA. I am getting it from my own CA

and later from Verisign.

>
> regards,
> hari
>

[Hari]

If I just remove the cert from the Local Computer store and add it to the Current User store, everything works fine. This would mean that the way the public key is being read is ok

It looks like the .NET framework classes do not either look in the Local Computer store for the private keys or that they *do* find my cert there but because it looks for some attribute in the cert, it rejects it. In the 2nd case, I would like to know what attribute is that it is looking for

Thanks
Har

[Hari]

The second article was exactly what I was looking for. It worked great. Thanks

One thing that was missing in it was that, by default, user defined datatypes may not be passed to the COM+ service (probably needs some custom martialling code for that). But as long as you stick to basic datatypes, everything works great if you just follow the steps mentioned in the article

Thanks
Har