Forums, Documentation & Knowledge Base - ComponentSpace

use user certificate store to load key for sing and encryption


https://componentspace.com/forums/Topic1550.aspx

By galaxyware2 - 6/21/2015

Hi ,
As far as I can see in the documentation , the certificate manager supports loading private key from the user storage as well as files. However I have yet to find out a low level API or high level API on how to load the private key from the windows certificate storage(machine or user)  and use in the SAML SP or IDP side. 
Any guid to the right documentation will be much appreciated. 
One thing to set out here is what I'm looking for is to let SAMLSP or IDP to use the private key from there store without specifying password and let the machine crypto works with SAML to sign or encrypt when is needed. 
I hope it make sense. 

Thanks, 


By ComponentSpace - 7/11/2015

You would need to write a custom ICertificateManager. Our Developer Guide describes who to do this.

Your customer certificate manager would then load certificates from the user store.

However, our recommendation is to store certificates in the machine store rather than in a user store.