We created numerous X509Certificate2's on our application server using a an ASP.NET C# website. When calling any functionality via the website that uses these certificates, the process executes just fine - finding the appopriate certificates from the store.
BUT, when we run a Service that we created, that calls the same code that the website called, the process fails as it doesn't find any certificates in the Store.
When we add the certificates to the store via the website, we use the code:
X509Store storeCurrentUser = new X509Store(StoreName.My, StoreLocation.CurrentUser);
Now, after a bit of digging, it seems that in order for the Service to be able to access the certificates, they need to be obtained from the StoreLocation.LocalMachine store (I could be wrong here - so please correct me if I am)
Then, from what I understand, the website should search the StoreLocation.CurrentUser store for certificates, whereas the application Service should access the StoreLocation.LocalMachine store.
The problem is, that via the website, I can only add certificates to the StoreLocation.CurrentUser store. If I try add to the StoreLocation.LocalMachine store, I get an "access denied" error.
What do I need to do to install certificates that will be accessible via a function called via the web application AND the same function called via a Service (Windows Service, not Web Service)