堆栈内存溢出
  简体   繁体   English

IIS LocalSystem应用程序池无法访问我的系统证书

[英]IIS LocalSystem Application pool cannot access my system certificates

 原文  2012-12-26 11:17:01       wcf/ iis/ certificate/ signing

问题描述

I've developed ac# (.NET 4.0) application that signs PDF documents using SecureBlackbox libraries. 我已经开发了使用SecureBlackbox库对PDF文档进行签名的ac#(.NET 4.0)应用程序。 For my signatures, the signing process uses some installed user certificates from Trusted Root Certification Authorities and Intermediate Certification Authorities . 对于我的签名,签名过程使用受信任的根证书颁发机构中级证书颁发机构安装的一些用户证书。 The signing works when I open my testing application as a user, but when i implement this module in a WCF service on IIS (using LocalSystem identity for my Application pool) it doesn't work because it cannot find those certificates. 当我以用户身份打开测试应用程序时,签名有效,但是当我在IIS上的WCF服务中实现此模块时(对我的应用程序池使用LocalSystem标识),则该签名不起作用,因为它找不到那些证书。

Note that I've additionally installed those certificates using mmc.exe in Computer account -> Local computer snap-in, but that doesn't solve it. 请注意,我还使用“计算机帐户”->“本地计算机”管理单元中的mmc.exe安装了这些证书,但这并不能解决问题。 I've also tried to add them to Service account -> Local computer -> World Wide Web Publishing Service (that's IIS, right?), and no success... 我也尝试将它们添加到服务帐户->本地计算机->万维网发布服务(这是IIS,对吗?),但没有成功...

Can anyone suggest something else to try? 有人可以建议其他尝试吗? I am not sure at all what IIS is using as account or even if it can access my certificates at all in some other way, please help. 我完全不确定IIS使用什么帐户,即使它完全可以通过其他方式访问我的证书,也请帮忙。

2 个解决方案

解决方案1
 1  2012-12-26 11:36:32

确保证书对本地系统具有读取权限(如果这是您的iis进程被设置为运行的权限)。

解决方案2
 0 已采纳  2012-12-27 09:39:25

What I've found to be correct is that when you use ApplicationPool with identity LocalSystem, the certificates that belong to the system can be managed with mmc.exe when adding snap-in: Computer account -> Local computer. 我发现正确的是,当您将ApplicationPool与LocalSystem一起使用时,添加管理单元时,可以使用mmc.exe管理属于系统的证书:计算机帐户->本地计算机。 The actual problem was my bad coding while fetching certificates from system store using SBB library. 实际的问题是我在使用SBB库从系统存储中获取证书时编码不正确。 I've solved that and therefore i've solved the problem. 我已经解决了,因此也解决了这个问题。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 如何在IIS中分配对应用程序池的读/写访问权限 - how to assign read/write access to application pool in IIS 使用IIS和应用程序池进行WCF Windows身份验证 - WCF windows authentication with IIS and Application Pool IIS应用程序池中禁用工作进程回收的影响 - impact of disabling recycling of worker process in IIS application pool 使用PowerShell脚本时IIS应用程序池回收身份 - IIS Application Pool recycling Identity when using PowerShell script IIS 7应用程序池-无法连接到WCF服务 - IIS 7 Application Pool - Can't connect to WCF Service 将iis应用程序权限授予系统文件夹 - give iis application rights to system folder 无法使用主机名 IIS 访问 WCF 服务 - Cannot access WCF service using hostname IIS 使用客户端证书的WCF服务需要IIS中的匿名访问,因此实际上不起作用? - WCF Service Using Client Certificates Requires Anonymous Access in IIS and Therefore Doesn't Actually Work? 无法从PHP SOAP访问IIS中的WCF - Cannot access WCF in IIS from PHP SOAP IIS 7.5 上托管的 ASP.NET 应用程序中的 WCF 客户端证书存在问题 - Problem with WCF client certificates in a ASP.NET application hosted on IIS 7.5
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM