I have this code:
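using System.Net.Security;
using System.Net.Sockets;
using System.Security.Authentication;
using System.Security.Cryptography.X509Certificates;
string certificateFilePath = @"C:\Users\Administrator\Documents\Certificate.pfx";
string certificateFilePassword = "Some Password Here";
X509Certificate clientCertificate = new X509Certificate(certificateFilePath, certificateFilePassword);
// host and port are defined elsewhere.
TcpClient client = new TcpClient(host, port);
// The validation callback returns true for every server certificate, so server validation is disabled.
SslStream stream = new SslStream(client.GetStream(), false, (sender, certificate, chain, errors) => true);
X509CertificateCollection clientCertificates = new X509CertificateCollection {clientCertificate};
stream.AuthenticateAsClient(host, clientCertificates, SslProtocols.Tls, false);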
When I run the code in a console application, everything works fine: stream.IsAuthenticated and stream.IsMutuallyAuthenticated return true, and stream.LocalCertificate contains the correct certificate object.
However, when you run the same code in a Windows Service (as the LOCAL SYSTEM user), although stream.IsAuthenticated returns true, stream.IsMutuallyAuthenticated returns false and stream.LocalCertificate returns null.
In both scenarios, after the first line runs, clientCertificate loads the correct certificate data and contains the correct Subject and Issuer information for the certificate.
I also tried to get SslStream to select a Certificate using this code:
string certificateFilePath = @"C:\Users\Administrator\Documents\Certificate.pfx";
string certificateFilePassword = "Some Password Here";
X509Certificate clientCertificate = new X509Certificate(certificateFilePath, certificateFilePassword);
TcpClient client = new TcpClient(host, port);
// The fourth argument is a LocalCertificateSelectionCallback that always returns clientCertificate.
// Its second parameter is named targetHost so it does not clash with the outer host variable.
SslStream stream = new SslStream(client.GetStream(), false, (sender, certificate, chain, errors) => true, (sender, targetHost, certificates, certificate, issuers) => clientCertificate);
X509CertificateCollection clientCertificates = new X509CertificateCollection {clientCertificate};
stream.AuthenticateAsClient(host, clientCertificates, SslProtocols.Tls, false);
, stream.IsMutuallyAuthenticated false stream.LocalCertificate null.
, . .
Edit:
WinHttpCertCfg , , LOCAL SYSTEM , :
.
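A diagnostic for the symptom described in the question, as an added example that is not part of the original post: it loads the same PFX as an X509Certificate2 under a chosen X509KeyStorageFlags value and checks whether the running account can actually use the private key, which is what client authentication needs. The class name, method name and command-line arguments are assumptions for illustration.

```csharp
using System;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using System.Security.Principal;

// Added example (hypothetical helper, not from the original post).
static class ClientCertDiagnostics
{
    // Returns true only if the current account can open the PFX's private key and sign with it.
    public static bool CanUsePrivateKey(string pfxPath, string pfxPassword, X509KeyStorageFlags flags)
    {
        try
        {
            using (var cert = new X509Certificate2(pfxPath, pfxPassword, flags))
            {
                Console.WriteLine("  Subject:       " + cert.Subject);
                Console.WriteLine("  HasPrivateKey: " + cert.HasPrivateKey);
                if (!cert.HasPrivateKey) return false;
                using (RSA rsa = cert.GetRSAPrivateKey())
                {
                    if (rsa == null) { Console.WriteLine("  Key is not RSA; not tested."); return false; }
                    // Signing forces the key container to be opened by this account.
                    rsa.SignData(new byte[] { 0 }, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
                    return true;
                }
            }
        }
        catch (CryptographicException ex)
        {
            Console.WriteLine("  Key not usable: " + ex.Message);
            return false;
        }
    }

    static void Main(string[] args)
    {
        // Assumed arguments: args[0] = path to the PFX, args[1] = its password.
        Console.WriteLine("Running as: " + WindowsIdentity.GetCurrent().Name);
        // Compare the default (per-user) key storage with the machine key store.
        foreach (var flags in new[] { X509KeyStorageFlags.DefaultKeySet, X509KeyStorageFlags.MachineKeySet })
        {
            Console.WriteLine(flags + ":");
            Console.WriteLine("  usable: " + CanUsePrivateKey(args[0], args[1], flags));
        }
    }
}
```

Run it from the console, then call CanUsePrivateKey from the service and log the result; a difference between the two accounts points at private-key access rather than at the TLS handshake code.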