I'm hoping someone out there can help me with this issue. I'm receiving a "Could not acquire private key" exception whenever I try to run the following code under IIS.

HashAlgorithm sha = new SHA1CryptoServiceProvider();
byte[] dataToSign = Encoding.UTF8.GetBytes("Some Data");
Console.WriteLine("B64 of orig data:" + System.Convert.ToBase64String(dataToSign, 0, dataToSign.Length));

byte[] hash = sha.ComputeHash(dataToSign);
Console.WriteLine("B64 of hash:" + System.Convert.ToBase64String(hash));

//Certificate cert = Certificate.CreateFromCerFile("c:\temp\test.cer");
//cert.AssociateWithPrivateKey("c:\temp\test.pvk","test", true);
Certificate cert = Certificate.CreateFromCerFile("C:\\tmp\\EolXAptusSSO.cer");
cert.AssociateWithPrivateKey("C:\\tmp\\EolXAptusSSO.pvk", "xxxxxx", true);
RSAPKCS1SignatureFormatter RSAFormatter = new RSAPKCS1SignatureFormatter(cert.PrivateKey);
RSAFormatter.SetHashAlgorithm("SHA1");

byte[] signature = RSAFormatter.CreateSignature(hash);
Console.WriteLine("B64 of sig:" + Convert.ToBase64String(signature));


The exception occurs on the line:
RSAPKCS1SignatureFormatter RSAFormatter = new RSAPKCS1SignatureFormatter(cert.PrivateKey);

Now here is the interesting thing. If I run the same code in a simple command line app, the code works fine. So my thought was a permissions problem, but I can't for the live of me figure out what permission. I've give the IUSR account and 'Everyone' full access to the crt and pvk file.

Any thoughts?

I'm running on Windows XP pro.

I create the certs using the following command.

makecert -n "CN=EolXAptusSSO" -a sha1 -r -sv EolXAptusSSO.pvk EolXAptusSSO.cer

If you need any more info, please let me know.

Thanks,
Scott