I am working on window service where I need to call web service which uses x509 certificate type security to authenticate.
Now I have .cer file generated on my system by importing .pfx and .crt file then exported .cer file. Which I am using in VS2015 to communicate with web service.
Its working fine. Then If I create setup and install on same system but giving error below. Its error returned by web service
"error_name" : "authentication_failure",
"error_advice" : "Your identity could not be authenticated. This may mean that your request was not accompanied with your Client Certificate, or your software does not have access to your Private Key in order to encrypt messages correctly. Please check your software's configuration and associated file permissions for both your Client Certificate and Private Key. In addition, please check that your software supports secure connections using TLS 1.2 or higher."
Earlier I was using code below to load .cer when I try to debug in visual studio and it is working fine
X509Certificate certificate = X509Certificate.CreateFromCertFile(ConfigurationManager.AppSettings["CertificateFilePath"].ToString());
and In app.config
<add key="CertificateFilePath" value="E:\ZooplaCerts\test\zooplasandbox_cert.cer"/>
Now When I create setup and install and run window service I am getting above error
I have tried to change code to below
var certificate = new X509Certificate2(ConfigurationManager.AppSettings["CertificateFilePath"].ToString(), string.Empty, X509KeyStorageFlags.MachineKeySet);
but still getting same error. Then I tried to change Log On Type from service and selected Local System Account but still same error
Error I am receiving when try to run window service by installing
"error_name" : "authentication_failure",
"error_advice" : "Your identity could not be authenticated. This may mean that your request was not accompanied with your Client Certificate, or your software does not have access to your Private Key in order to encrypt messages correctly. Please check your software's configuration and associated file permissions for both your Client Certificate and Private Key. In addition, please check that your software supports secure connections using TLS 1.2 or higher."
I got everything working now When I tried to create a new .cer file from .pfx for local system account and set window service log on option as local system