Archived Forum Post

Index of archived forum posts


Certificate from current user store and private key

Nov 15 '12 at 20:58

How could i get a certificate from current user store with its private key? When i try to use a certificate to sign a document, an error occurs "no private key found"


(This question and answer apply to the Windows operating system. The "Current User Store" is a Windows registry-based certificate store commonly used by applications.)

The two most common causes are:

1) The certificate was never installed with the private key in the first place, and therefore no private key is available.

2) The certificate was installed with a private key, but the private key was marked as non-exportable, or there are other access permissions. (Chilkat internally directly implements PKCS7, so the private key needs to be "exported" to memory. However, if unable to do so, the Chilkat implementation on Windows will defer to the underlying Microsoft Crypto API to do the PKCS7 signing, which gets around the problem of "exporting" the private key.)

To get more information about the cause of the problem, please post the full contents of the LastErrorText.


When i want to use a certificate in internet explorer (for example) a dialog shows to enter a password. How could i enter this password in chilkat? Thanks


The dialog probably shows because when the cert was imported from the PFX, an option was chosen for "high security", which means whenever the private key is accessed, it triggers the Windows OS to display a warning dialog. (See this: )

Otherwise, the only time you'll need a password w/ Chilkat is to get the contents of a PFX. The Chilkat methods involving PFX's include a password argument.