There are some differences in how to do this for the 2008 R2 and the 2003 server, here's a short explanation and some useful resources for both versions.
Windows 2008 R2 server
On the 2008 R2 server, the lack of read access to the private key will manifest itself as this exception:
Exception Details: System.Security.Cryptography.CryptographicException: Keyset does not existA notable new feature in the 2008 R2 server (with IIS 7.5) is that applications pools run under their own user. You need to figure out which identity the application pool is running as, e.g.: IIS AppPool\DefaultAppPool. Here's a great writeup on how this works: Application pool identities.
The security properties of the private key file can be set through the certificate MMC snap-in. (Start -> run -> "mmc" -> Add snap-in -> Certificates -> Local Machine/Personal cert store). You need to give the application pool user read access to the private key file.
Note: the 2008 server (not R2) uses the same user execution model as the 2003 server, keep reading if you have one of those.
Windows 2003 server
On the 2003 server, the exception is even less informative than on the 2008 R2.
Exception Details: System.Security.Cryptography.CryptographicException: The handle is invalid.The challenge is still the lack of read access to the private key. Here's an explanation on how to use the WSE tool to adjust the private key's security settings. You can also check out Microsoft's findprivatekey.exe tool.
You'll probably need to give the user NETWORKSERVICE read access to the private key file, unless you've changed the application pool user defaults.
good
ReplyDelete20170518 leilei3915
ReplyDeletemont blanc pens
pandora charms
coach factory outlet
michael kors handbags
lacoste shirts
mlb jerseys wholesale
polo shirts
michael kors outlet clearance
cheap mlb jerseys
ugg boots
Free educational software is everywhere - you just have to look harder to find those that are good quality.http://www.how-todo.xyz/
ReplyDeleteThe finger print based access control software in India is made for all kinds of organizations as this tamper proof fingerprint door lock device reduces the managerial cost involved with the usual ID card or swipe cards. access control system installation
ReplyDeleteThanks, decent post. I would also like to share this page on whatsapp spy apps.
ReplyDeleteThe varying size pins line up with the cuts on a key to allow the plug to turn and activate the lock. So, if a lock has pins numbered 3-5-4-2-1 then the cuts on the key must be 3-5-4-2-1.автоключар
ReplyDeleteIn the case of an emergency then (or if you've just given up with the fiddly lock picking), you may want to break the door down.duplicate key maker
ReplyDeleteYou did really good work. I really appreciate your new and different post. Please guys keep it up and share with us some unique post in the futureMenmyshopCar StereoDouble Din Android PlayerHyepersonic Double Din PlayerHyundai Creta Double Din Player
ReplyDeleteCBSE open schoolcbse privatebanzaraonjourneyAdj online
You did really good work. I really appreciate your new and different post. Please guys keep it up and share with us some unique post in the futureMenmyshopCar StereoDouble Din Android PlayerHyepersonic Double Din PlayerHyundai Creta Double Din Player
ReplyDeleteCBSE open schoolcbse privatebanzaraAdj online
Excellent informative blog, keep for sharing.
ReplyDeleteBest System Integration services | Massil Technologies