Why do i have to reimport my keyvault certificate every day?

Mao Uyen Tram 106 Reputation points
2023-09-11T08:43:26.0066667+00:00

Hello,

I have an application which uses the keyvault and a certificate. And it works, whenever i install the certificate in my trusted root computer location. The issue is that the next day it says keyszet does not exist despite it finding the certificate. Then i have to import the certificate again and then it works again for a day. Do you know what is happening or what i am doing wrong?

edit: i tried to install my application with certificate on a client computer and now it returns the following exceptions. How do i fix these

  • The SSL connection could not be established, see inner exception.
  • The remote certificate is invalid according to the validation procedure: RemoteCertificateNameMismatch, RemoteCertificateChainErrors

thank you for your time,

Mao Uyen

Azure Key Vault
Azure Key Vault
An Azure service that is used to manage and protect cryptographic keys and other secrets used by cloud apps and services.
1,093 questions
.NET
.NET
Microsoft Technologies based on the .NET software framework.
3,324 questions
C#
C#
An object-oriented and type-safe programming language that has its roots in the C family of languages and includes support for component-oriented programming.
10,165 questions
0 comments No comments
{count} votes

Accepted answer
  1. Akshay-MSFT 16,026 Reputation points Microsoft Employee
    2023-09-12T05:53:59.33+00:00

    @Mao Uyen Tram

    Thank you for posting your query on Microsoft Q&A. From above description I could understand that you are getting "keyset does not exist" while trying to authenticate with certificate from Azure Key Vault.

    Please do correct me if this is not the case by responding in the comments section.

    The error "keyset does not exist" occurs when there is a permission issue on the service account.

    • You may need to grant the application access to the private key associated with the certificate.
      1. Open certificate snap-in in MMC: WIN + R -> type mmc -> File -> Add/Remove Snap-in -> Add Certificates (Computer Account).
        1. Find your certificate -> Right click and choose All Tasks/Manage Private Keys
          1. Grant Read Permission for Application service account and NETWORK SERVICE account.

    Thanks,

    Akshay Kaushik

    Please "Accept the answer" (Yes), and share your feedback if the suggestion answers you’re your query. This will help us and others in the community as well.


0 additional answers

Sort by: Most helpful