IIS 6 Private Key certificate access

Question

Hi,

We have a Web asp.net application running in the framework 2.0 and hosted in an IIS 6 server, and the OS is windows server 2003. The web application is suing a client certificate to be authenticated by a web service. We have impersonalized the application pool with de user “Network Service”.

The problem is when we have to access to the private key of the certificate that is stored in the machine key/my storage. The user Network Service cannot access the key.

We have given privileges to the Network Service user using the winhttpcertcfg.exe tool, however the result is the same.

When we impersonalize the application pool with the local administrator the result is successfully. Therefore we think that the problem is the privileges of the user.

If someone could give us some information about, we would be gratefully.

Thanks in advance

Answer 1

Finally we got to solve the problem after many unsuccessfully results but at finish each problem has its own solution.

Our solution consists in creating an administrator account for the local machine. After that we log on with this account and run the MMC /s Command. We i**mport the certificate in LOCAL_MACHINE/My store**.

The second part is to remove the user from the administrator group and we create a Service Account for an ASP.NET 2.0 Application with the created user, which is better explained in the following URL http://msdn.microsoft.com/en-us/library/ms998297.aspx.

Good lock,