Strong Name sn.exe: Failed to install key pair -- Object already exists

ChrisG picture ChrisG · May 20, 2014 · Viewed 14.2k times · Source

I have 2 different versions of the same project on my machine. One from the code trunk, and the other from a code branch. These projects use a .pfx key to enable strong naming. When I first tried to compile the trunk version of the project I get the following error:

Cannot import the following key file: sgKey.pfx. The key file may be password protected. To correct this, try to import the certificate again or manually install the certificate to the Strong Name CSP with the following key container name: VS_KEY_45891C38BC1BB345

To resolve this I use sn.exe with the following command:

sn -i sg Key.pfx VS_KEY_45891C38BC1BB345

This resolves the issue with the trunk project, which then happily builds.

However, when I try to build the branch version of the project, I receive the same initial error (with the same key container name), and when I try install the certificate using the sn.exe it (not surprisingly) gives the following error:

Failed to install key pair -- Object already exists

This makes sense in that I used the same infile and container on the sn command, but what I am trying to understand is:

  1. If this object already exists, why is the project failing to build, as it would appear the certificate is already installed.
  2. How I resolve this (e.g. can I uninstall and then reinstall? and if so, how?)

Answer

ChrisG picture ChrisG · May 20, 2014

I have managed to resolve my issue, without fully understanding the cause. I found a post about a similar issue here, but did not fit my circumstance precisely, as I had only ever logged on to my machine as a single user.

The post showed how to delete the container, but I couldn't do this either as it said the container didn't exist. What it did though was prompt me to run the command prompt as an Administrator, which I had not done previously. This allowed me to uninstall and re-install the certificate, and both versions of the project now build successfully.

My assumption is that somehow the certificate had initially been installed (by me) under a different user than the one I tried to install with the second time, though I don't know why this would be, as I have only ever logged on to the machine as a single user. It remains something of a mystery to me.


Summary:

  1. Start the developer command prompt as administrator, otherwise you'll get a misleading error saying the container doesn't exist.
  2. Run sn -d VS_KEY_XXXXXXXXXXX to remove the old key.
  3. You should now be able to reinstall the certificate.