ASP.net permissions to root certificate store

Question

Is it possible to give asp.net read permission to the certificate store?

If yes , how?

If no... do I need to set the permission manually per certificate file

Answer 1

The network service account that asp.net run under by default doesn't have access to the local machine personal certificates. Grant access by the following:

Repost from Sohnee @ forums.asp.net

Step 1 - if you don't already have it installed - get WinHttpCertCfg

Step 2 - if you already have the certificate installed on the machine and you just need to grant access to Network Services:

WinHttpCertCfg.exe -g -c LOCAL_MACHINE\MY -s "IssuedToName" -a "NetworkService"