Troubleshooter: Application Certificate cannot be accessed
Currently, the platform prepends the characters "WildcatApp-" to the application ID, and uses that as the name of the certificate to look up. So, the certificate that HelloWorld uses is:
WildcatApp-05a059c9-c309-46af-9b86-b06d42510550
If the certificate cannot be accessed, the application will not run. There are several possible causes:
- The certificate is not installed in the machine's certificate store.
- The certificate is installed but does not have the correct name
- The certificate is installed with the correct name, but the process that the web server is running under does not have access to that certificate.
The first two can be verified by running "Program Files\Microsoft HealthVault\SDK\Tools\ComputerCertificates.msc, and checking for the existence and name of the certificate.
The third can be checked using the winhttpcertcfg tool in "Program Files\Microsoft HealthVault\SDK\Tools\" to find out what accounts have access to the certificate. To view the accounts that have access to the HelloWorld certificate, for example, the command line is:
winhttpcertcfg.exe -l -c LOCAL_MACHINE\My -s WildcatApp-05a059c9-c309-46af-9b86-b06d42510550
At the bottom of the output, it will tell you which accounts and groups have access to the private key. If the username listed in the Troubleshooter output is not listed, access can be granted using winhttpcertcfg. The samples contain batch files that can be used as templates, or it can be done directly with:
winhttpcertcfg.exe -a <account-name> -c LOCAL_MACHINE\My -s WildcatApp-05a059c9-c309-46af-9b86-b06d42510550
(using the proper certificate name instead of the HelloWorld one listed here...)