certificate - 对象仅包含 key 对的公共(public)部分

标签 certificate client-certificates

安装客户端证书后,出现异常“对象仅包含 key 对的公共(public)部分。还必须提供私钥”。我的应用程序是在 ASP.NET 平台上运行的 VC#.NET 应用程序。该应用程序还使用 WSE 2.0 将证书导入到发出 SOAP 请求中。

经过研究,我发现此异常属于 System.Security.Cryptography.CryptographicException 类型。

我非常肯定我的所有 WSE 设置都配置正确,因为我能够通过主题可分辨名称找到类似的证书。任何想法将不胜感激。

最佳答案

我最近遇到了同样的问题。我找到了one explanation here这对我有用。具体来说,私钥的权限。完整信息复制如下。

There are a couple things that I would look at first:

  1. Do you have a private key for this certificate?
  2. Have you given permission for youf application to access the private key?

You can establish whether you have a private key by viewing the certificate through the Windows Certificate Store. To get to this, follow these steps:

  1. From the Windows Start menu, select Run.
  2. Type mmc in the Open: field. Click OK
  3. Select "Add/Remove Snap-in" from the File menu.
  4. Click the Add button.
  5. Select "Certificates" from the list of Available Standalone Snap-ins. Click the Add button.
  6. Select "Computer account." Click Next.
  7. Select "Local Computer". Click Finish.
  8. Click Close.
  9. Click OK.
    1. Expand the Certificates node under the Console Root and open the Personal store.
    2. Double-click the Certificate you're using. If you have a private key, the dialog will display a message at the bottom that says "You have a private key that corresponds to this certificate".

If you have a private key, then ensure that your application has permission to access the key:

  1. Open Windows Explorer.
  2. Navigate to the C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys folder.
  3. Select the files containing the keys that the WSE will need to retrieve.
  4. From the File menu, select Properties.
  5. On the Security tab, add the ASPNET account and select th e Full Control option.
  6. Notes: 1. Determining which key file in the MachineKeys folder is associated with a certificate can be difficult. One easy method is to note the creation date and time when creating a new certificate. When you view the files in the MachineKeys directory, check the Date Modified field for the corresponding date and time. 2. If you have configured your system to run under a different account than ASPNET, use that account when granting permissions to access the certificate.

关于certificate - 对象仅包含 key 对的公共(public)部分,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/1895366/

上一篇:wpf - 如何在父控件中绑定(bind)子用户控件的数据上下文

下一篇:powershell - 为什么 "dir"命令没有向我显示某些文件夹?

相关文章:

windows-phone-8.1 - 升级到最新的 windows phone 8.1 后发送证书失败

android - 读入 Android 应用程序的 PKCS12/P12 客户端证书文件

eclipse - 如何使用 EGit 在 Eclipse 中配置 GIT HTTPS 客户端证书身份验证?

Docker secret 和 Compose 兼容性问题

java - 将私钥导入Java时出错

powershell - Powershell在以分配的执行模式执行代码之前要求确认

java.security.cert.CertificateException : Unable to initialize

https - 从 DoD CAC 卡获取客户证书

java - 如何为 Websphere MQ 客户端启用带有客户端证书的 SSL?

python-requests - Python 请求无法通过(转换后的)客户端证书获得成功响应

©2024 IT工具网  联系我们