Private Key is not available

When you use X509Certificate to encrypt a message, sometime you will see an error like "Private Key is not available".  Here is the list you want to check first:

1. Permission problem:

       The running thread must have permission to access the public/private key portion of the certificate.  You can easily find out where the private key folder is using WseCertificate.exe tool;

2. Store location error:

      By default, WSE will always go to LocalMachine store to retrieve certificate.  This can be customized by <x509> section;

3. Wrong version of makecert.exe:

      In case you are using makecert to generate the x509 certificate, make sure you use the correct version of makecert.  The one from the platformsdk is the correct version the one you should use.  The incorrect version of makecert will store the public/private key pair into the the user account who is currently running the makecert executable although you specify the LocalMachine option. The makecert which works for me has the file version of "5.131.3672.0".

      You can download platform sdk from the following link:

https://www.microsoft.com/msdownload/platformsdk/

Hope this helps!

Comments

  • Anonymous
    November 11, 2004
    I've seen this happen if your password is changed by an admin. i.e. by not changing it on the PC with Change Password.