Close this search box.

How to set x509 Certificate private key access rights for AppPoolIdentity

If your website uses the AppPoolIdentity and requires access to the private key of an x509Certficate, you’ll need to grant the read permissions to the iis application pool.

To grant permissions to the AppPoolIdentity:

  1. Run Certificates.MMC (or Start->run->mmc.exe, Add Certificate Snap-In for LocalMachine)
  2. Select the certificate (Personal node on the certificate tree) , right click and Manage Permissions.
  3. Add a new user to the permissions list.
  4. Enter “IIS AppPool\AppPoolName” on the local machine”. Replace “AppPoolName” with the name of your application pool.
This article is part of the GWB Archives. Original Author:  What Was I Thinking?

Related Posts