search

OPCFoundation / UA-.NETStandard

OPC Unified Architecture .NET Standard
Other
1.97k stars 950 forks source link

X509Store app certificate becomes unusable after a while #2765

Open mregen opened 2 months ago

mregen commented 2 months ago

Type of issue

Current Behavior

System.ArgumentException
  HResult=0x80070057
  Message=The CNG key handle being opened was detected to be ephemeral, but the EphemeralKey open option was not specified. (Parameter 'keyHandleOpenOptions')
  Source=System.Security.Cryptography.Cng
  StackTrace:
   at System.Security.Cryptography.CngKey.Open(SafeNCryptKeyHandle keyHandle, CngKeyHandleOpenOptions keyHandleOpenOptions)
   at Internal.Cryptography.Pal.CertificatePal.GetPrivateKey[T](Func`2 createCsp, Func`2 createCng)
   at Internal.Cryptography.Pal.CertificatePal.GetRSAPrivateKey()
   at Internal.Cryptography.Pal.CertificateExtensionsCommon.GetPrivateKey[T](X509Certificate2 certificate, Predicate`1 matchesConstraints)
   at System.Security.Cryptography.X509Certificates.RSACertificateExtensions.GetRSAPrivateKey(X509Certificate2 certificate)
   at Opc.Ua.Security.Certificates.X509PfxUtils.VerifyRSAKeyPair(X509Certificate2 certWithPublicKey, X509Certificate2 certWithPrivateKey, Boolean throwOnError) in D:\Source\Repos\UA-.NETStandard10\Libraries\Opc.Ua.Security.Certificates\X509Certificate\X509PfxUtils.cs:line 78

  This exception was originally thrown at this call stack:
    [External Code]
    Opc.Ua.Security.Certificates.X509PfxUtils.VerifyRSAKeyPair(System.Security.Cryptography.X509Certificates.X509Certificate2, System.Security.Cryptography.X509Certificates.X509Certificate2, bool) in X509PfxUtils.cs

Expected Behavior

self signed certificate remains usable in X509Store

Steps To Reproduce

Environment

- OS: Windows 11 23H2
- Environment: VS 2022
- Runtime: .NET 8.0 / .NET Framework 4.8
- Nuget Version: 1.5.374.118
- Component: 
- Server: Ref server
- Client:

Anything else?

No response

mregen commented 1 month ago

so far not reproducible on all machines.