Thursday, April 3, 2014

Certificates snap-in: Where is the manage private keys option?

To setup a 2 way trust between my WCF service and (web) client I’m using SSL and X509 certificates. The problem was that I got the following exception on the client:

CryptographicException 'Keyset does not exist'.

I had this error before so I knew I had to give my application pool user access to the private key of the client certificate. So I opened MMC, loaded the Certificates snap in, right clicked on the certificate and saw… no ‘Manage Private Keys’ option Bedroefde emoticon.

It took me some time to figure out that I had to add the Certificates snap-in using the "Computer account" option instead of the default "My user account" optionVerwarde emoticon.


After doing that, the “Manage Private Keys” option was available:


No comments: