X509Certificate2 p12 is store required?

c# x509certificate private-key x509certificate2

Rutger · Sep 11, 2012 · Viewed 11.6k times · Source

Question when running the following code:

X509Certificate2 cert = new X509Certificate2(@"C:\file.p12", "password", X509KeyStorageFlags.Exportable);
RSACryptoServiceProvider crypt = (RSACryptoServiceProvider)cert.PrivateKey;

I get the following error: Keyset does not exist.

I have not added the certificate to a store, is this required to be able to access the private key?

Answer

Add the X509KeyStorageFlags.PersistKeySet option to the last argument of the X509Certificate2 constructor. Otherwise, when it loads the p12 file, it will not load the private key. Specifically:

X509Certificate2 cert = new X509Certificate2(@"C:\file.p12", "password",    
    X509KeyStorageFlags.Exportable | X509KeyStorageFlags.PersistKeySet);
RSACryptoServiceProvider crypt = (RSACryptoServiceProvider)cert.PrivateKey;

If that fails, it may be a file permission issue on where the key is stored. See X509Certificate - Keyset does not exist for an explanation and example.

X509Certificate2 p12 is store required?

Answer

Related questions