Thursday, July 16, 2009

makecert.exe error: Can't create the key of the subject WCF



Recetly I struggeld to use the makecert tool since it was showing the below error.
This was happening even after the Network Services has full access to the "C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys" folder.
Some how i found it out some where how to fix this
Can't create the key of the subject ('')

Each time I tried, the GUID would change or the Name will change.

I'm not sure why it is happening, but I did find a workaround. The directions I was following were to create the certificate in the "LocalMachine" certificate store using the following command:

makecert.exe -sr LocalMachine -ss MY -a sha1 -n CN=Client -sky exchange -pe

After some trial and error I discovered I was able to create the certificate in the current user store instead using the following command:

makecert.exe -sr CurrentUser -ss MY -a sha1 -n CN=Client -sky exchange -pe

I thought I would post this message to hopefully save others the effort.
Note to the makecert developers: Please provide more useful error messages.

UPDATE:
I discovered the source of the problem! For some reason, I did not have the appropriate permissions to the directory where the certificates are stored. If you are getting the same error that I was getting, try granting your account (or the admin group, etc.) full control permission to the following directory:

Please try this link for complete solution

http://dotnetclr.blogspot.com/2009/07/wcf-certificate-chain-processed-but.html




No comments: