CryptographicException: Access denied - How to give access on User store?

c# wpf windows security
15,109

Solution 1

Posting a fix if someone looking for a solution for similar issue. I ran sysinternal process monitor and realized the constructor call was creating a key in machine key folder and gave user access to write on machine key.

Solution 2

In my situation, it was due to the lack of write access to the C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys folder.

My user was having only having the Read Access and once I granted the Write access it worked fine.

Solution 3

Just in case it helps someone, "CryptographicException: Access denied" can be caused by lack of space in the disc, that was my case.

Share:
15,109
Shiju Samuel
Author by

Shiju Samuel

Updated on June 24, 2022

Comments

  • Shiju Samuel
    Shiju Samuel almost 2 years

    I am trying to load a certificate from a pfx file in a WPF application and it gives me an access denied error. 

    using (FileStream stream = System.IO.File.OpenRead(certificatePath))
{
    using (BinaryReader reader = new BinaryReader(stream))
    {
        buffer = reader.ReadBytes((int)stream.Length);
    }
}

X509Certificate2 certificate = new X509Certificate2(buffer, password);

    System.Security.Cryptography.CryptographicException: Access denied.
    at System.Security.Cryptography.CryptographicException.ThrowCryptographicException(Int32 hr) at System.Security.Cryptography.X509Certificates.X509Utils._LoadCertFromBlob(Byte[] rawData, IntPtr password, UInt32 dwFlags, Boolean persistKeySet, SafeCertContextHandle& pCertCtx) at System.Security.Cryptography.X509Certificates.X509Certificate.LoadCertificateFromBlob(Byte[] rawData, Object password, X509KeyStorageFlags keyStorageFlags) at System.Security.Cryptography.X509Certificates.X509Certificate2..ctor(Byte[] rawData, String password) at HelloWorld.HelloClient.Models.Infrastructure.ReadCertificateFromPfxFile(String certificatePath, String password)

    The last line in snippet is causing an exception, and if I run it as an administrator it works fine. The issue seems to be the default constructor of X509Certificate2 tries to put private key in the user store. I am not using web application. this post doesn't resolve my issue. I think the current user might not have access to his own private key store. But how can I give that access?

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

WPF how to get maximize/minimize button icon - Custom title bar
How to make a google-like auto complete textbox with C# in a WPF application?
How do I build a WPF application where I can drag and drop a user control between windows?
Hide the taskbar using C#
Error C0000142 when Starting a Process
How to manipulate WPF GUI based on user roles
Wpf Absolute vs. Relative Pack URIs
wpf canvas background image dynamically
Get all open WPF windows
How to make main window wait until a newly opened window closes in C# WPF?