Netsh error 1312 after programatically adding certificate to the store

Question

I'm trying to add a certificate to the store programatically using the following code:

var certPath = string.Format("{0}//{1}", Path.GetDirectoryName(Assembly.GetExecutingAssembly().Location),"fileName.pfx");
        var cert = new X509Certificate2(certPath, "Password");

        X509Store store = new X509Store(StoreName.My, StoreLocation.LocalMachine);
        store.Open(OpenFlags.ReadWrite);
        store.Add(cert);
        store.Close();

I check in MMC and the certificate is added.

If I now run in a command prompt with admin privileged:

netsh http add sslcert ipport=0.0.0.0:<port> certhash=<Thumbnail> appid={00000000-0000-0000-0000-000000000000}

Then it throws a 1312 error, "A specified log-on session does not exist. It may already have been terminated."

If I add the certificate via the import function in MMC, then the above command works.

Can anyone please help?

Answer 1

We ended up using WIX to inject the certificate into the store on installation. It seemed to work nicely.

Answer 2

The issue is the way in which windows is storing the private key. To do this programatically in .Net, change the following line of code:

X509Certificate2 cert = new X509Certificate2(path, "password",
    X509KeyStorageFlags.MachineKeySet | X509KeyStorageFlags.PersistKeySet);

As per this question: Inserting Certificate (with privatekey) in Root, LocalMachine certificate store fails in .NET 4