Can/how do microsoft docker containers work with CNG KSPs?

Question

I have some windows c++ code that uses CNG to access the Microsoft Software Key Storage Provider:

https://learn.microsoft.com/en-us/windows/desktop/seccertenroll/cng-key-storage-providers#microsoft-software-key-storage-provider

I would like to containerize my application with Docker using Hyper V or Server Containers. Can I do so any still access that provider? Or any provider?

I haven't found any doc saying whether or how this would work, other than that Server Containers hit the kernel and Hyper V cannot:

https://learn.microsoft.com/en-us/virtualization/windowscontainers/about/index

I would presume that means that if anything only the server containers would work on the Microsoft Software KSP...does anyone know better?

Answer 1

Can I do so any still access that provider? O

Yes, you can still access provider, but state would be completely clear(no internal data was shared between host machine and container)

Or any provider You can't guarantee it, especially for third-party CSPs, because nanoserver has limited subset of winapi(e.g. no advapi32), some providers will fail to load in this environment