Monday, January 7, 2013

Give a user access to a certificate


When your application uses a certificate and runs as a Windows service, and you set the service to run as, for example, Network Service so that it can access resources on the network, you may get the following exception:

It is likely that certificate 'CN=XX' may not have a private key that is capable of key exchange or the process may not have access rights for the private key. Please see inner exception for detail. Keyset does not exist

 

That means the Network Service account does not have access to the certificate's private key.

You have to grant the Network Service account access to the certificate.

You can do this with WinHttpCertCfg:

WinHttpCertCfg.exe -g -c LOCAL_MACHINE\MY -s "IssuedToName" -a "AccountName"

Note: AccountName is the name of a local computer account or a domain account. IssuedToName is the name of the company or domain to which the client certificate was issued.

 
