When moving to our Windows Server 2016 machine, we had the following error when I tried to shorten my code to match the code here: https://developers.google.com/api-client-library/dotnet/guide/aaa_oauth
This is the code we need (extra flags at the end)
var certificate = new X509Certificate2(certLocation, "notasecret", X509KeyStorageFlags.MachineKeySet |
X509KeyStorageFlags.PersistKeySet |
X509KeyStorageFlags.Exportable);
instead of:
var certificate = new X509Certificate2(@"key.p12", "notasecret", X509KeyStorageFlags.Exportable);
Is there a reason one would work and the other not? Thanks!
X509KeyStorageFlags Defines where and how to import the private key of an X.509 certificate.
This problem also occurs with Azure hosting. my post Azure with service accounts in C# may help
Recomend we close this issue as its not an issue with the client library its more an issue of how the server is set to deal with the x.509 certificate. It can also be solved by using the Json service account file instead of the P12 file. Google Service Accounts with Json File
Yes, this is an x509 certificate issue, not a client library issue; so closing.
http://paulstovell.com/blog/x509certificate2 may contain some helpful information about working with x509 certificates.
@jamierytlewski Thank you for this post. I was running into the same issue when deploying to AWS. adding the extra x509StorageFlags solved the issue.
Most helpful comment
X509KeyStorageFlags Defines where and how to import the private key of an X.509 certificate.
This problem also occurs with Azure hosting. my post Azure with service accounts in C# may help
Recomend we close this issue as its not an issue with the client library its more an issue of how the server is set to deal with the x.509 certificate. It can also be solved by using the Json service account file instead of the P12 file. Google Service Accounts with Json File