1

Is there a way to import a certificate into the Personal store of the ApplicationPool identity in Windows?

The problem started from the way Azure websites make use of imported certificates. As correctly explained in this blog post - https://azure.microsoft.com/blog/2014/10/27/using-certificates-in-azure-websites-applications/ - for Azure websites the certificates will be installed to the Personal certificate store of the ApplicationPool Identity of the worker process.

The certificate is then accessed in the following way:

X509Store certStore = new X509Store(StoreName.My, StoreLocation.CurrentUser);

We are deploying the same code on-premise as well as on Azure, so we need a way to replicate this behavior on our Windows Server 2012R2.

Stefan Iancu
  • 143
  • 1
  • 2
  • 13
  • 1
    We ended up by creating a key in web.config telling us from which store to load the certificate. – Stefan Iancu Jun 19 '15 at 03:56
  • I'm running into this same problem. All the guidance is from 4-5 years ago advising to add private key permissions to the local machine's personal cert store - this may have worked 5 years ago but it doesn't seem to work on windows server 2012. I'll try your idea of using the web.config to specify the cert store. Thanks for the post – phil Jan 20 '16 at 13:30

0 Answers0