Member_2_99151
asked on
Add Server Certificate in IIS from C#
Hi All,
I wish to import a Certificate from a C# app into IIS.
If I import the file using the IIS manager GUI:
- Server Certificates
- Import
It allows me to use this to assign as the SSL certificate in the Site Binding.
Now, if I do the same process within C#, it adds the certificate - or at least it looks identical - but when I try to assign it as the SSL certificate in the Site Binding, it gives the error:
"A specified logon session does not exist. It may already have been terminated. (Exception from HRESULT: 0x80070520)"
When you view the certificate in the 'Server Certificates' dialog it has identical entries for each of the columns...
The code I am using is as follows:
Thanks,
James
I wish to import a Certificate from a C# app into IIS.
If I import the file using the IIS manager GUI:
- Server Certificates
- Import
It allows me to use this to assign as the SSL certificate in the Site Binding.
Now, if I do the same process within C#, it adds the certificate - or at least it looks identical - but when I try to assign it as the SSL certificate in the Site Binding, it gives the error:
"A specified logon session does not exist. It may already have been terminated. (Exception from HRESULT: 0x80070520)"
When you view the certificate in the 'Server Certificates' dialog it has identical entries for each of the columns...
The code I am using is as follows:
X509Store store = new X509Store("WebHosting", StoreLocation.LocalMachine);
store.Open(OpenFlags.OpenExistingOnly | OpenFlags.ReadWrite);
X509Certificate2 certificate = new X509Certificate2(xSSLCertificate, xSSLCertificatePassword);
store.Add(certificate);
store.Close();
Can anyone help?Thanks,
James
ASKER
Hi,
Thank you for your suggestions.
Unfortunately even in this sequence, the same issue persists.
I have now tried simply importing the Certificate using C#, then adding all the Web Site with references using the IIS Manager. As soon as I try to assign the SSL Certificate to the site, I get the same error.
It look like there must be some sort of error in the import process:
I cannot see anything obvious here - any ideas?
Thank you for your suggestions.
Unfortunately even in this sequence, the same issue persists.
I have now tried simply importing the Certificate using C#, then adding all the Web Site with references using the IIS Manager. As soon as I try to assign the SSL Certificate to the site, I get the same error.
It look like there must be some sort of error in the import process:
String xMachineName = Environment.MachineName;
String xSSLCertificate = @"D:\Cert\ServerSSL.pfx";
String xSSLCertificatePassword = @"TestPassword";
using (ServerManager iisManager = new ServerManager())
{
X509Store store = new X509Store("WebHosting", StoreLocation.LocalMachine);
store.Open(OpenFlags.OpenExistingOnly | OpenFlags.ReadWrite);
X509Certificate2 certificate = new X509Certificate2(xSSLCertificate, xSSLCertificatePassword);
store.Add(certificate);
store.Close();
iisManager.CommitChanges();
}
I cannot see anything obvious here - any ideas?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
You are correct, I am currently testing just the automated import of the certificate into the store.
The same as using 'Server Certificates', Right-Click 'Import' within the IIS Manager application.
It does appear to add the entry, ready for binding to a site, however does not allow me to bind the created entry, even within the IIS Manager - same message as I receive when automating the bind.
The Import process does appear to work correctly, and will throw an error is the pwd is wrong, but I am not able to use it afterwards.
I am probably missing something obvious here, but I cannot see it :-(
The same as using 'Server Certificates', Right-Click 'Import' within the IIS Manager application.
It does appear to add the entry, ready for binding to a site, however does not allow me to bind the created entry, even within the IIS Manager - same message as I receive when automating the bind.
The Import process does appear to work correctly, and will throw an error is the pwd is wrong, but I am not able to use it afterwards.
I am probably missing something obvious here, but I cannot see it :-(
Are there any errors in the Event Logs that relate to the attempt to bind the cert in IIS Manager?
If so, can you please post them with all the details?
Dan
If so, can you please post them with all the details?
Dan
ASKER
This seems to be okay now!
Not sure what I had missed when I previously tested this.
Many thanks for the help :-)
Not sure what I had missed when I previously tested this.
Many thanks for the help :-)
IIS Forum Thread: https://forums.iis.net/t/1163325.aspx
Other reference links:
- https://forums.iis.net/t/1178407.aspx
- https://msdn.microsoft.com/en-us/library/ms731899(v=vs.110).aspx
Dan