I have code that removes certain certificates from the TrustedPeople repository on the local computer. Code for this:
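    using System.Security.Cryptography.X509Certificates;

    var serverClientStore = new X509Store(StoreName.TrustedPeople, StoreLocation.LocalMachine);
    // Opening a LocalMachine store with ReadWrite requires write access for the calling account.
    serverClientStore.Open(OpenFlags.ReadWrite);
    X509Certificate2Collection certCollection = serverClientStore.Certificates;
    // myCertName is defined elsewhere; the last argument (validOnly) limits the result to valid certificates.
    X509Certificate2Collection currentCerts = certCollection.Find(X509FindType.FindBySubjectName, myCertName, true);
    foreach (X509Certificate2 cert in currentCerts)
    {
        serverClientStore.Remove(cert);
    }
    // Release the store handle once the removals are done.
    serverClientStore.Close();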
This code works for me when I run my tests because they run as my local user account. However, when I run the code from a web application running as the user "NETWORK SERVICE", it fails on the line serverClientStore.Open(OpenFlags.ReadWrite); with an "Access denied" error.
But - I do not know how to set permissions for "NETWORK SERVICE" or any other user to be able to read / write from the store. I can see material on granting permissions to individual certificates, but nothing for the store.
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys , .
?