"Unable to generate XML signature." signing an assertion with a pfx created with the X509KeyStorageFlags.EphemeralKeySet flag

Hi! We use the ComponentPro.Saml library in a .NET app running on an Azure Function. We have run into issues several times in production when the host's %APPDATA%\Microsoft\Crypto\RSA\ folder fills to capacity and causes crashes. In order to mitigate this, we have been testing creating the pfx with the X509KeyStorageFlags.EphemeralKeySet flag. However, ComponentPro does not seem to support this when using the Sign function.

    byte[] bytes = Base64.Decode("secret");
    var coll = new X509Certificate2Collection();
    coll.Import(bytes, null, X509KeyStorageFlags.Exportable | X509KeyStorageFlags.EphemeralKeySet);
    X509Certificate2 pfx = coll[0];
    Assertion _samlAssertion = CreateSAMLAssertion(etc...);
    _samlAssertion.Sign(pfx); //errors here

Thanks!
-Dan
asked 1/6/2021 2:58:26 PM
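A way to check whether a PFX loaded with EphemeralKeySet can produce an XML signature at all, as an added example that is not part of the original post and does not use ComponentPro.Saml: it signs with the framework's own SignedXml and reads the key through GetRSAPrivateKey(). The class and method names, the enveloped-signature layout, and the pfxBytes/password inputs are assumptions of this sketch.

```csharp
using System;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using System.Security.Cryptography.Xml;
using System.Xml;

// Hypothetical helper for illustration; not ComponentPro code.
static class EphemeralKeySigningCheck
{
    // Returns the <Signature> element for an enveloped signature over the
    // whole document. The caller supplies the PFX bytes and its password.
    public static XmlElement Sign(byte[] pfxBytes, string password, XmlDocument doc)
    {
        // EphemeralKeySet keeps the private key in memory only, so no key file
        // is written under %APPDATA%\Microsoft\Crypto\RSA\ for this load.
        using (var cert = new X509Certificate2(
                   pfxBytes, password, X509KeyStorageFlags.EphemeralKeySet))
        {
            if (!cert.HasPrivateKey)
                throw new CryptographicException("PFX contains no private key.");

            // GetRSAPrivateKey() does not depend on a named, persisted key container.
            using (RSA key = cert.GetRSAPrivateKey())
            {
                if (key == null)
                    throw new CryptographicException("Certificate key is not RSA.");

                var signedXml = new SignedXml(doc) { SigningKey = key };
                signedXml.SignedInfo.CanonicalizationMethod =
                    SignedXml.XmlDsigExcC14NTransformUrl;
                signedXml.SignedInfo.SignatureMethod = SignedXml.XmlDsigRSASHA256Url;

                // An empty URI references the whole document.
                var reference = new Reference("") { DigestMethod = SignedXml.XmlDsigSHA256Url };
                reference.AddTransform(new XmlDsigEnvelopedSignatureTransform());
                reference.AddTransform(new XmlDsigExcC14NTransform());
                signedXml.AddReference(reference);

                // Embed the public certificate so a verifier can find the key.
                var keyInfo = new KeyInfo();
                keyInfo.AddClause(new KeyInfoX509Data(cert));
                signedXml.KeyInfo = keyInfo;

                signedXml.ComputeSignature();
                return signedXml.GetXml();
            }
        }
    }
}
```

If this succeeds on the same host with the same PFX, the key material is usable and the failure is in how the signing library reaches the private key.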

0 Answers
