.net windows-services cryptography x509certificate2

How to get a certificate from the services certificates store in .net 4


I have a Windows service written in .NET 4. The service successfully uses an X509 certificate (its private key) from the machine's certificate store (via the X509Store class).

I saw that the certificates snap-in (Server 2008) allows managing certificates for each service. I added a certificate to this store, but I have not found a way to access it (from within the Windows service). I tried the few hints I was able to find on the internet, such as installing the certificate from a snap-in instance that is executed under the user context of the service's account. However, I was not able to access it.

How can I access a certificate of the services certificate store from within a Windows service in .NET 4?


Solution

  • X509Store.StoreLocation contains just LocalMachine and CurrentUser values, while the full set of possible options includes the following (ignore the prefix): atCurrentService, atCurrentUser, atCurrentUserGroupPolicy, atLocalMachine, atLocalMachineEnterprise, atLocalMachineGroupPolicy, atServices, atUsers

    You need to use CryptoAPI to open the needed store, obtain a handle, then create an X509Store and pass the handle to the X509Store constructor. Or use a third-party library such as our SecureBlackbox.
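The approach the answer describes, sketched as an added example (not code from the answer's author): P/Invoke `CertOpenStore` with the services store location, then hand the handle to the `X509Store(IntPtr)` constructor. The service name `MyService` and the helper class `ServiceCertStore` are hypothetical; the constants are the `wincrypt.h` values, and the store is opened read-only and only if it already exists.

```csharp
using System;
using System.ComponentModel;
using System.Runtime.InteropServices;
using System.Security.Cryptography.X509Certificates;

static class ServiceCertStore   // hypothetical helper, not a framework type
{
    // Values from wincrypt.h.
    const int  CERT_STORE_PROV_SYSTEM_W      = 10;
    const uint CERT_STORE_OPEN_EXISTING_FLAG = 0x00004000;
    const uint CERT_STORE_READONLY_FLAG      = 0x00008000;
    const uint CERT_SYSTEM_STORE_SERVICES    = 5u << 16;   // location ID 5, shift 16

    [DllImport("crypt32.dll", CharSet = CharSet.Unicode, SetLastError = true)]
    static extern IntPtr CertOpenStore(IntPtr lpszStoreProvider, uint dwEncodingType,
        IntPtr hCryptProv, uint dwFlags, string pvPara);

    [DllImport("crypt32.dll", SetLastError = true)]
    [return: MarshalAs(UnmanagedType.Bool)]
    static extern bool CertCloseStore(IntPtr hCertStore, uint dwFlags);

    // For the services location, pvPara is "<ServiceName>\<StoreName>".
    public static X509Store Open(string serviceName, string storeName)
    {
        uint flags = CERT_SYSTEM_STORE_SERVICES
                   | CERT_STORE_READONLY_FLAG
                   | CERT_STORE_OPEN_EXISTING_FLAG;
        IntPtr handle = CertOpenStore((IntPtr)CERT_STORE_PROV_SYSTEM_W, 0,
            IntPtr.Zero, flags, serviceName + "\\" + storeName);
        if (handle == IntPtr.Zero)
            throw new Win32Exception(Marshal.GetLastWin32Error());

        // X509Store duplicates the handle, so the original is released here.
        try { return new X509Store(handle); }
        finally { CertCloseStore(handle, 0); }
    }

    static void Main()
    {
        X509Store store = Open("MyService", "My");   // "MyService" is a placeholder
        try
        {
            foreach (X509Certificate2 cert in store.Certificates)
                Console.WriteLine("{0}  {1}  HasPrivateKey={2}",
                    cert.Thumbprint, cert.Subject, cert.HasPrivateKey);
        }
        finally { store.Close(); }
    }
}
```

If the call fails with an access-denied error, check that the account the service runs under can read the service's certificate store.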