I have an ASP.NET application that runs inside IIS 7 on Windows Server 2008 SP1 with the application pool configured to run under a local user belonging to "Users" local group. I have a .pfx file with an SSL certificate with private key. The following code:
var data = File.ReadAllBytes(pathToPfxFile);
var cert = new X509Certificate2(data, password);
yields "System.Security.Cryptography.CryptographicException Object was not found." unless I reconfigure IIS pool to have "LoadUserProfile" enabled.
This is a big problem.
First, why does loading a certificate from a file (not cert storage) depend on user profile being loaded. Second, why is the message so obscure and useless - how should I have figured out how to resolve the issue?