Wednesday, November 14, 2012

certification under Network Service account


When your application use certification and you have a windows service, and  you set the user of the windows service to be for example Network Service to be able to access resources on network by the windows service , you may get the following exception

It is likely that certificate 'CN=XX' may not have a private key that is capable of key exchange or the process may not have access rights for the private key. Please see inner exception for detail. Keyset does not exist

 

 That mean the Network Service account have no access for the certification

Then You have to give authority for the Network Service account to access your certification

Then you can use WinHttpCertCfg

WinHttpCertCfg.exe -g -c LOCAL_MACHINE\MY -s "MyCompany" -a "NetworkService"

 

Reference

No comments: