Geeks With Blogs

Tim Huffam Dotting the I and crossing the T of I.T.

This error (m_safeCertContext is an invalid handle.) occurs when you try to access a client cert (or a member of the cert) from a ASP.NET 2.0 application developed using VS2005 eg:

X509Certificate cert = new X509Certificate(Request.ClientCertificate.Certificate);
string certSerial = 
cert.GetSerialNumberString();

The error is thrown because no valid certificate is found.  This can be caused by either:

  • A problem with the cert.  A common reason for this in a development environment is one of the cert properties differing from that of the environment eg cert common name does not match the site name.  I guess this would also occur if the cert had expired.
  • The cert did not get passed to the request. 

If the cert has not been passed to the request.  Then it's probably because you've not setup the website to be able to accept certs.  To do this you need to do the following:

  1. Host the project from IIS - not the thin web server that is bundled with VS2005.
    1. From within VS2005 select File - New Web Site.
    2. Select the Location of HTTP then enter the path eg: http://localhost/MyWebSite.  Note that you don't have to use HTTPS just yet (I find it easier for development to use HTTP then when deploying to UAT or Production to use HTTPS).
  2. Code up a test form.
  3. Go into IIS Admin - right click on the new app (MyWebSite) and select Properties.
  4. On the Directory Security tab, click Edit... under 'Secure communications'.
  5. Make sure 'Accept client certificates' is checked.
  6. When you run your app - make sure you use HTTPS in the url eg: https://localhost/MyWebSite

Here's another article about this.

HTH

Tim

Posted on Tuesday, April 18, 2006 1:58 PM BizTalk , C# .NET , ASP.NET , IIS | Back to top


Comments on this post: Error (m_safeCertContext is an invalid handle.) when accessing a client certificate using .NET 2.0/VS2005

# re: Error (m_safeCertContext is an invalid handle.) when accessing a client certificate using .NET 2.0/VS2005
Requesting Gravatar...
I had a similar problem, too. After securing the communication with SSL by means of a self-signed certificate, I wasn't able to add a web reference in VS2005. I always got the error, named in the title.

Solution: Add (copy) the certificate to the list of "trusted rootcertificates" (computer certificate store). Then neighter the web browser nor VS2005 shows an error.
Left by Klaus on Aug 16, 2007 8:53 AM

# re: Error (m_safeCertContext is an invalid handle.) when accessing a client certificate using .NET 2.0/VS2005
Requesting Gravatar...
not helpfull
Left by Leo on Sep 12, 2011 2:02 AM

Your comment:
 (will show your gravatar)


Copyright © Tim Huffam | Powered by: GeeksWithBlogs.net