none
WCF Client - "Invalid provider type specified" when accessing private key, .NET 4.6, Microsoft Software Key Storage Provider RRS feed

  • Question

  • I have a standard WCF windows form client app that I wrote that handles scheduled automatic payments for a Utility Billing system. It communicates with a central WCF service that I wrote that performs credit card processing. My WCF clients that utilize IIS are working fine with the newer certificates but the Windows form client is not. The target is 4.6. The app config references the certificate. The private key shows that it exists in the cert and permission has been granted to the private key.

    I am utilizing transport security with Certificate as the clientCredentialType and same also for the message:

    <security mode="TransportWithMessageCredential">

    <transport clientCredentialType="Certificate" />

    <message clientCredentialType="Certificate" />

    </security>

    Are Microsoft Software Key Storage Provider certificates not supported in this type of configuration? The same exact cert is used for the WCF windows hosted service and it's working fine though is the strange thing. The WCF client that handles automatic payments runs on the same server that the WCF host service runs. The WCF service is working with other remote IIS hosted clients (for IVR and IWR). 

    These apps were working fine with the older certs. My client is undergoing a security audit and the firm performing the audit recommended the higher security certs which are now causing this issue. 

    Is it necessary to use the Legacy Cryptographic Service Provider instead of the Key Storage Provider when creating a certificate?Are these certs less secure? Why does the IIS work with the higher security certificates, but not the Windows Form app? Why does my Windows hosted Service work with the same exact cert that the WCF client is trying to use? Has to do with access to the private key? Do I need to specify anything different in the app.config to tell it to use the Key Storage Provider Certificate type to get the private key?

    Any suggestions are greatly appreciated!

    Regards,

    Jim Mabey

    Owner/Software Developer,

    INFORMATION MANAGEMENT TECHNOLOGIES

    Tuesday, March 1, 2016 2:32 AM

All replies

  • Below has a same error. you can refer to:

    https://blogs.msdn.microsoft.com/alejacma/2009/12/22/invalid-provider-type-specified-error-when-accessing-x509certificate2-privatekey-on-cng-certificates/



    • Edited by qinyu000 Thursday, March 3, 2016 1:14 AM
    Thursday, March 3, 2016 1:14 AM