As far as I can see in the documentation, the certificate manager supports loading a private key from the user storage as well as from files. However, I have yet to find a low-level or high-level API for loading the private key from the Windows certificate storage (machine or user) and using it on the SAML SP or IDP side.
Any guide to the right documentation will be much appreciated.
One thing to set out here: what I'm looking for is to let the SAML SP or IDP use the private key from the store without specifying a password, and let the machine crypto work with SAML to sign or encrypt when needed.
I hope it makes sense.