drgmak drgmak - 5 months ago 26
Vb.net Question

SSL Certificate: A specified logon session does not exist

I have created a method which will create a certificate, store it to Certificate store and bind it to a port.
Here it is the method:

private static void CreateStoreAndBindCertificate(string a_IpAddress, string a_IpPort)
{
Guid _AppId = Guid.Parse("b30f5be6-2920-4fa1-b0a6-5a56b63051bc");

var _RootCert = new RootCertificateContainer("CN=MyApp Root CA", 1024);
var _ServerCert = new ServerCertificateContainer("CN=MyAppApi", _RootCert, 1024);

//Here the Certificate will be created and then store
string _pathRootCertCER = Path.Combine(Path.GetTempPath(), "root-cert.cer");
string _pathServerCerPFX = Path.Combine(Path.GetTempPath(), "server-cert.pfx");

_RootCert.X509Certificate.PrivateKey = null;
File.WriteAllBytes(
_pathRootCertCER,
_RootCert.X509Certificate.Export(X509ContentType.Cert)
);

var _ServerCertPFX = new PFX(_ServerCert.X509Certificate);
File.WriteAllBytes(_pathServerCerPFX, _ServerCertPFX.GeneratePfxFile());

Process.Start(
new ProcessStartInfo()
{
CreateNoWindow = true,
WindowStyle = ProcessWindowStyle.Hidden,
FileName = "certutil",
Arguments = string.Format("-f -p -importPFX \"{0}\"", _pathServerCerPFX)
}
).WaitForExit();

try
{
ICertificateBindingConfiguration config = new CertificateBindingConfiguration();
var _IpPort = new IPEndPoint(IPAddress.Parse(a_IpAddress), Convert.ToInt32(a_IpPort));
var certificateThumbprint = _ServerCert.X509Certificate.Thumbprint.ToLower();
if (config.Query(_IpPort).Length > 0)
config.Delete(_IpPort);
config.Bind(new CertificateBinding(certificateThumbprint, StoreName.My, _IpPort, _AppId));
}
catch (Exception ex)
{
throw new Exception(ex.Message);
}
}


When i execute this method with parameters:
CreateStoreAndBindCertificate("127.0.0.1", "9001")
, i get this error:
A specified logon session does not exist. It may already have been termintaed.


What am i missing?

etr etr
Answer

For a certificate to be bind in the port i want i need to create the .pfx certificate using a password. So i will make same small changes:

const string passwordPFX = "MyPassword";

should be added in the beginning of the Method. Change:

var _ServerCertPFX = new PFX(_serverCert.X509Certificate);

to

var _ServerCertPFX = new PFX(_serverCert.X509Certificate, passwordPFX);

Change:

Process.Start(
                new ProcessStartInfo()
                {
                    CreateNoWindow = true,
                    WindowStyle = ProcessWindowStyle.Hidden,
                    FileName = "certutil",
                    Arguments = string.Format("-f -p  -importPFX \"{0}\"", _pathServerCerPFX)
                }
            ).WaitForExit();

to:

Process.Start(
                new ProcessStartInfo()
                {
                    CreateNoWindow = true,
                    WindowStyle = ProcessWindowStyle.Hidden,
                    FileName = "certutil",
                    Arguments = string.Format("-f -p {0} -importPFX \"{1}\"", passwordPFX, _pathServerCerPFX)
                }
            ).WaitForExit();

Another possible solution could be that you do not use password at all so you have to remove -p from ProcessStartInfo Arguments. It will look like below:

Process.Start(
                new ProcessStartInfo()
                {
                    CreateNoWindow = true,
                    WindowStyle = ProcessWindowStyle.Hidden,
                    FileName = "certutil",
                    Arguments = string.Format("-f -importPFX \"{0}\"",  _pathServerCerPFX)
                }
            ).WaitForExit();