Question:
Now I can't sign and get a error message from Chilkat. It says it can't find a certificate. I have imported my P12 and did an export (without a private key) to a CER-file and point Chilkat to sign with that certificate.
Answer:
Digital certificates are stored in registry-based certificate stores. Each computer's user account has it's own "Current User" certificate store, and there is a machine-wide "Local Machine" certificate store that can be used to hold certificates to be made available to all users. However, public/private key pairs are *not* stored in the certificate stores. When a .p12 or .pfx is imported, the certificate is stored in the selected certificate store, but the key pair is stored in a Protected Store. Similar to certificate stores, each user account has its own Protected Store, and there is also a machine-wide Protected Store. If you import the .pfx interactively, and the key pair is imported into the current user's Protected Store, your ASPNET process will not find it. You'll need to import the p12/pfx so that the (1) either the ASPNET process does the importing into its own stores, or (2) you import into the machine-wide protected store.
