System.Security.Cryptography.CryptographicException: keyset does not exist

c# x509certificate

This question is old but for someone looking for the solution while continuing to use Encrypt and Decrypt here is how I manage to solve this error:

The base is my certificate have been installed the wrong way by double-clicking the .pfx file and selecting the store.

The wrong way to install the certificate

1. Double click the certificate:

certificate file

2. The wizard opens, click in the next button:

wizard 0

3. The wizard show the certificates location, click in the next button:

wizard 1

4. Enter the password then click next:

wizard 2

5. Select the store then click next:

wizard 3

6. The wizard show the certificate information, click in Finish button

wizard 4

7. Succes dialog is showed:

wizard 5

So at this point I had the error "Keyset does not exist".

To solve that I proceeded this way (the correct way)

1. Execute Microsoft Management Console (mmc.exe):

execute mmc

2. A blank MMC instance showed:

mmc showed

3. Click in File->Add/Remove Snap-in...

add snap-in

4. Select certificate snap-in an click in Add button:

add certificate snap-in

5. Select Computer account then click in Next button:

select computer account

6. Select Local computer then click in Finish button:

selecct local computer

7. The certificate snap-in is now added, click in OK button:

certificate snap-in shows

8. Select the personal store, then right click and select Import:

select personal store and import

9. Browse the certificate, and click next:

browse certificate

10. Enter the password, then click in Next button:

enter image description here

11. Automatically select the certificate store:

automatically select the store

12. The certificate information shows:

certificate information

13. Success dialog message shows:

enter image description here

14. Refresh the MMConsole to show the certificate:

refresh mmc

15. Right click on the certificate, then click in Manage Private Keys...:

manage private keys

16. Add the pool identity or the IIS user in my case I added IIS_IUSRS:

add iis_iusrs

17. The user has been added, click on OK button:

user added

And it is finished the keyset does exist now!!


The application might be trying to write to the following folder path: C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys

If your application is using impersonation or using the IUSR_MACHINENAME user, then configure the MachineKeys folder sercurities and give the user Read & Execute, List Folder Contents, Read, Write. If that doesn't work, try giving the Everyone user the same permissions.

Related

Making a short alias for document.querySelectorAll
Horizontal Scroll Table in Bootstrap/CSS
how to bind img src in angular 2 in ngFor?
Limit number of characters with Django Template filter
Date in mmm yyyy format in postgresql
How to deserialize a unix timestamp (μs) to a DateTime from JSON?
Using dplyr window functions to calculate percentiles
One-liner to transform []int into string
Instancing a class with an internal constructor
How to clear MySQL screen console in Windows?
How to pass system property to Gradle task
How to enumerate dates between two dates in Moment