How can I enable strong private key protection programmatically in C#?

Question

How can I achieve the equivalent of setting the \"strong private key protection\" checkbox in certmgr.msc when adding an X509Certificate2 programmatically using C#?

Answer 1

You will have to setup the X509KeyStorageFlags accordingly when importing the certificate (i.e. MachineKeySet and UserProtected).