“Invalid provider type specified” CryptographicException when trying to load private key of certificate

Question

I\'m trying to read the private key of a certificate which has been shared with me by a third-party service provider, so I can use it to encrypt some XML before sending it t

Answer 1

The problem is your code is not able to read the PFX file. convert the pfx file to RSA format by doing the below steps.

Get the certificate and extract the pfx file from the certificate.

use the password 123456 below to have a quick solution.

rename your pfx to 'my.pfx' file to make it simple and put it in "C:\Certi" make sure you have open SSL installed already in the system. open cmd in windows system and type --> OpenSSL Stay cool and just run these ones by one --> copy paste. *Note

-passin is your Pfx file password -passout is the new password for converted pfx.

1. pkcs12 -in "C:\Certi\my.pfx" -nokeys -out "C:\Certi\MYCERT.cer" -passin "pass:123456"

2. pkcs12 -in "C:\Certi\my.pfx" -nocerts –out “C:\Certi\MYCERT.pem" -passin "pass:123456" -passout "pass:123456"

3. rsa -inform PEM -in "C:\Certi\MYCERT.pem" -out "C:\Certi\MYCERT.rsa" -passin "pass:123456" -passout "pass:123456"

if you face issue in the 3rd command go here https://decoder.link/converter
Click PKC#12 To PEM upload your pfx file and get it converted online. download the zip file. it contains 3 files. just copy ".key" file and rename it as my.key and put in "C:\Certi"

4. rsa -in C:\Certi\my.key -out C:\Certi\domain-rsa.key

5. pkcs12 -export -in "C:\Certi\MYCERT.cer" -inkey "C:\Certi\domain-rsa.key" -out "C:\Certi\CONVERTED.pfx" -passin "pass:123456" -passout "pass:123456"


**Also, you can try below things if the issue still persists**

• Given access to app pool or IIS user to folder "mandatory to do"

Path --- > C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys

• Delete the old keys (clear up the mess)
  Path --- > C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys