What Certification Stores to use? RRS feed

  • Question

  • Hello, I  should make a WCF client which uses Client Certificate Authentication to Web Service made by Third party Vendor.

    All information that I got was URL and three certification files: client_certification.cer, server_certification.cer and private_key.pfx.

    I tried following: I put server_certification.cer and private_key.pfx into Trusted Root Certificate Store. Then in my Client's C# code I read client_certificate.cer from file system using X509 class and set it into ServiceStub's ClientCertification member. But when invoking Web Service method I got error "X509 Certificate doesn't contain private key".

    I also tried to put all these three files into Trusted Root Certificate Store but It neither worked.

    To which certificate stores I should put these files?

    Especially were that private_key.pfx file should be located?

    Br Con



    Wednesday, May 5, 2010 5:05 PM


  • Hi Br,

    I dont know what are these three certificate used for, the best choice is to consult the service provider, let them to provide certificate installing instructions.

    Based on the certificate name, I guss private_key.pfx is client certificate, you need install it to "My" folder, server_certification.cer is service certificate, install it to "Trusted People" folder.

    To consume the service
        1. use svcutil to generate wcf client for service,
        2. add generated code/config to project
        3. edit config file or code, specify client certificate.
        4. run the applicaton. if still got "no private key" error, please check if the account which application is running under has the permission to access private_key.pfx priviate key.


    Mog Liang
    • Marked as answer by Mog Liang Thursday, May 13, 2010 9:38 AM
    Friday, May 7, 2010 5:29 AM