How to fix an unsystematic problem with private key creation in PowerShell?


One of our servers has to start scripts with determined params. Unfortunately, it stopped creating private keys, and I have been stuck with this problem for weeks. Every time I run the script with the same conditions (same account, server, script, application) it works, but in most of the runs started from the ServiceDesk application it ends up with an error.

And the strangest thing about the situation is that the script has been working without changes for years.

I've already tried to create a background process with private key creation, to run the script under different AD users, to change the provider in the ProviderName string, and to find any solutions on the net.

The server is "Windows Server 2012 R2", PS version 4

The part of code where the problem occurs:

$PrivateKey = New-Object -ComObject "X509Enrollment.CX509PrivateKey"
$PrivateKey.ProviderName = "Microsoft Enhanced Cryptographic Provider v1.0"
$PrivateKey.ExportPolicy = 0x1
$PrivateKey.KeyUsage = 0xffffff
$PrivateKey.KeySpec = 0x1
$PrivateKey.KeyProtection = 0x0
$PrivateKey.Length = 2048
$PrivateKey.MachineContext = $False

The error:

Exception calling "Create" with "0" argument(s): "CertEnroll::CX509PrivateKey::
Create: The system cannot find the file specified. 0x80070002 (WIN32: 2 ERROR_F
At C:\Scripts\SD\VPN\ca_renew_cert_company.ps1:125 char:5
+     $PrivateKey.Create()
+     ~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (:) [], MethodInvocationException
    + FullyQualifiedErrorId : ComMethodTargetInvocation

I need any information on how to solve the problem, any links about how the method works, anything helpful.

asked on Stack Overflow May 29, 2019 by Aleksei Beda • edited May 29, 2019 by marc_s
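
One way to record what differs between the interactive runs that work and the ServiceDesk-launched runs that fail, as an added example that is not part of the original question. The function names and log path are hypothetical, and it assumes the user-context key container lives in the calling account's profile, so it logs whether that profile is present in each run.

```powershell
# Added diagnostic sketch, not the asker's script. Function names and the log
# path are hypothetical; the key settings are copied from the question.
function Get-KeyCreationContext {
    $id  = [System.Security.Principal.WindowsIdentity]::GetCurrent()
    $sid = $id.User.Value
    # Assumption: with MachineContext = $False the CSP keeps the key container
    # in the caller's profile, under %APPDATA%\Microsoft\Crypto\RSA\<SID>.
    $keyDir = $null
    if ($env:APPDATA) { $keyDir = Join-Path $env:APPDATA "Microsoft\Crypto\RSA\$sid" }
    [pscustomobject]@{
        Time        = (Get-Date).ToString('s')
        Account     = $id.Name
        Sid         = $sid
        Interactive = [Environment]::UserInteractive
        HiveLoaded  = Test-Path "Registry::HKEY_USERS\$sid"   # is the user hive mounted?
        AppData     = $env:APPDATA
        KeyDir      = $keyDir
        KeyDirFound = [bool]($keyDir -and (Test-Path -LiteralPath $keyDir))
        Result      = $null
    }
}

function New-UserPrivateKey {
    # The log directory must already exist and be writable by the calling account.
    param([string]$LogPath = 'C:\Temp\key-create-context.log')  # hypothetical path
    $ctx = Get-KeyCreationContext
    $key = New-Object -ComObject 'X509Enrollment.CX509PrivateKey'
    $key.ProviderName   = 'Microsoft Enhanced Cryptographic Provider v1.0'
    $key.ExportPolicy   = 0x1
    $key.KeyUsage       = 0xffffff
    $key.KeySpec        = 0x1
    $key.KeyProtection  = 0x0
    $key.Length         = 2048
    $key.MachineContext = $False
    try {
        $key.Create()
        $ctx.Result = 'OK'
        return $key
    }
    catch {
        $ctx.Result = $_.Exception.Message   # e.g. the 0x80070002 text from the question
        throw                                # keep the original failure visible to the caller
    }
    finally {
        # One JSON line per attempt, written for successes and failures alike.
        $ctx | ConvertTo-Json -Compress | Add-Content -LiteralPath $LogPath
    }
}
```

Compare the log lines from a working run with those from a failing one: a difference in `HiveLoaded`, `AppData` or `KeyDirFound` points at the environment the script is launched in rather than at the script itself.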

0 Answers

Nobody has answered this question yet.

User contributions licensed under CC BY-SA 3.0