Windows 7下Makecert问题
我正在创建一个与 SslStream 一起使用的证书,并且我一直在 XP 下这样做:
makecert -r -pe -n "CN=aName" -ss my -sr localmachine -sky exchange
-sp "Microsoft RSA SChannel Cryptographic Provider" -sy 12 server.cer
如果我理解正确的话,这会在 server.cer 中创建一个证书,并在我的个人证书中为其创建一个私钥店铺。完成此操作后,我可以创建一个如下所示的证书对象:
X509Certificate.CreateFromCertFile(certFile);
然后将其与 SSLStream 一起使用,一切正常。
现在我已经切换到Windows 7,每次重新启动机器时私钥似乎都会消失。我以管理员身份运行命令提示符,并执行上面显示的相同 makecert 命令。此操作成功并且 SSL 连接正常工作。如果我重新启动计算机,对 AuthenticateAsServer 的调用将失败,并出现异常“服务器模式 SSL 必须使用具有关联私钥的证书”。
私钥为什么会消失?我需要做什么才能让它坚持下去?
I'm creating a certificate to use with an SslStream, and I've been doing it this way under XP:
makecert -r -pe -n "CN=aName" -ss my -sr localmachine -sky exchange
-sp "Microsoft RSA SChannel Cryptographic Provider" -sy 12 server.cer
If I understand this correctly, this creates a certificate in server.cer, and creates a private key for it in my personal certificate store. Once I have done this, I can create a certificate object like this:
X509Certificate.CreateFromCertFile(certFile);
I then use it with the SSLStream, and everything works fine.
Now that I have switched to Windows 7, the private key seems to be disappearing every time I restart the machine. I run a command prompt as Administrator, and execute the same makecert command shown above. This succeeds and the SSL connection works correctly. If I restart the machine, the call to AuthenticateAsServer fails with the exception "The server mode SSL must use a certificate with the associated private key."
Why is the private key disappearing? What do I need to do to make it stick around?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
在所有情况下您都是同一用户吗?当您说“以管理员身份运行”时,我认为您可能会导致它将私钥与不同的用户关联,或者私钥文件可能没有适当的权限。如果是权限问题,或者您不确定密钥是否消失,请使用 FindPrivateKey 工具:
http://msdn.microsoft.com/en-us/library/ms732026。 ASPX
我认为它是 Server2003 工具的一部分,但它在常规 XP 上运行良好。所以希望它也能在 Windows7 上运行。我现在不在我的Win7机器上。
Are you the same user in all cases? When you say "run as administrator", I think you may be causing it to associate the private key with a different user, or maybe the private key file doesn't have proper permissions. If it's a permissions issue, or if you're not sure if the key is disappearing, use the FindPrivateKey tool:
http://msdn.microsoft.com/en-us/library/ms732026.aspx
I think it's part of the Server2003 tools, but it runs fine on regular XP. So hopefully it'll run on Windows7 too. I'm not at my Win7 machine now.