Subject: Error "CryptographicException: Invalid provider type specified."
Date: 2020-06-26 17:48:43
From: sburnett@hpe.com
Source: error-cryptographicexception-invalid-provider-type-specified
----------------------------------------------------------------------

I created the self-sign certificate using PowerShell something like below

New-SelfSignedCertificate -CertStoreLocation Cert:\LocalMachine\My -DnsName "stage-federation-2020.sp.test.com" -FriendlyName "stage-federation-2020.sp.test.com" -NotAfter (Get-Date).AddYears(5) -KeyAlgorithm RSA -KeyLength 2048 -Subject "CN=stage-federation-2020.sp.test.com,OU=Servers,O=ABC Inc.,L=CityName,S=StateNamehere,C=CountryNameHere"

from MMC console, I exported as xxx.cer and xxx.pfx. I did below and getting an error while signing the certificate

   // Sign the authentication request.
                X509Certificate2 spCert = new X509Certificate2(SamlServiceProvidersPath   spCertificateToUseForIdp.PrivateKeyFileName, spCertificateToUseForIdp.PrivateKeyPassword, X509KeyStorageFlags.MachineKeySet);
               
                authnRequest.Sign(spCert);

What found out that xxx.pfx contains a key which is valid for new cert x509.v3 not for x509.v2 we generally use. 

Questions:
 1. How can you sign the request with this type of certificate? If not, why?
 2. what is the workaround to create self-signed certificates which work here.

----------------------------------------------------------------------

Note: This question has been asked on the Q&A forum of Thang Dang's fraudulent ComponentPro brand
If you purchased anything from ComponentPro, you have been scammed. Contact the payment processor
who sold you the license and ask for your money back.

Back to ComponentPro Q&A Forum Index