How can I SignHash data with RSACryptoServiceProvider using only public key and verify response using private key in Windows 10 and .NET 8

Question

I asked a question it is this link [How can SignHash data using RSACryptoServiceProvider in dotnet 8][1]

I received a comment that worked by setting X509KeyStorageFlags.Exportable when loading a private key now when I SignHash data they are being signHashed with both private and public key but the API where I'm sending data expect data to be signHashed with only public key such that SignHashed data can not be Verify

privateKey.VerifyHash(rgbHash, CryptoConfig.MapNameToOID("SHA1"), rgbSignature);

in the API I'm sending to.

When I signHash Using only public key I get error

Microsoft.AspNetCore.Diagnostics.DeveloperExceptionPageMiddleware[1]

An unhandled exception has occurred while executing the request.

System.Security.Cryptography.CryptographicException: Object contains only the public half of a key pair. A private key must also be provided.

From the above code I get error

Object contains only the public half of a key pair. A private key must also be provided

Now I'm asking how can I SignHash data with RSACryptoServiceProvider using only public key and verify response using private key in Windows 10 and .NET 8. I there is a way to achieve the expected results please any help.

Let me provide more code for easy assistance on this case

/** RSACrypto Variables */
    RSACryptoServiceProvider? key = null;
    RSACryptoServiceProvider? privateKey = null;
    string Payload = "Hello Sending sensitive data";

    /** Load CIGServerCerts */
    X509Certificate2Collection CIGServerCerts = new X509Certificate2Collection();
    CIGServerCerts.Import(_appSettingsHelper.CIGServerCertCertificatePath, null, X509KeyStorageFlags.PersistKeySet);
    if (CIGServerCerts.Count > 0)
    {
      CIGServerCert = CIGServerCerts[0];
      Console.WriteLine("Certificates found in the specified file.");
    }


    ServicePointManager.ServerCertificateValidationCallback += new RemoteCertificateValidationCallback(Helper.CustomCertificateValidation);
    if (CIGServerCert != null && CIGServerCert.PublicKey != null)
    {
      RSA rsaPublicKey = this.CIGServerCert.GetRSAPublicKey();
      key = new RSACryptoServiceProvider();
      key.ImportParameters(rsaPublicKey.ExportParameters(false));
      if (key != null)
      {
        Console.WriteLine("Key retrieved successfully");
      }
    }

    /** Load Certificate for Stakeholder */
    X509Certificate2Collection stakeHolderCerts = new X509Certificate2Collection();
    if (stakeHolderCerts != null)
    {
      stakeHolderCerts.Import(_appSettingsHelper.StakeholderCertificatePath, _appSettingsHelper.StakeholderPassword, X509KeyStorageFlags.PersistKeySet);
      Console.WriteLine($"@A There is stakeholder certificate");
    }

    if (stakeHolderCerts?.Count > 0)
    {
      this.StakeHolderCert = stakeHolderCerts[0];
      Console.WriteLine("certificates found in the specified file.");
    }

    RSA rsaPrivateKey = this.StakeHolderCert.GetRSAPrivateKey();
    RSAParameters rsaParams = rsaPrivateKey.ExportParameters(false);
    privateKey = new RSACryptoServiceProvider();
    privateKey.ImportParameters(rsaParams);

    /** Serialize Data */
    if (Payload.Trim().Length == 20)
    {

      Helper.CryptoOutput cryptoOutput = Payload.ToString().EncryptPayload(); // (This is a function that return Key, IV and Payload) works fine
      byte[] inArray = key.Encrypt(cryptoOutput.Key, false);
      string base64String1 = Convert.ToBase64String(key.Encrypt(cryptoOutput.IV, false));
      string base64String2 = Convert.ToBase64String(inArray);
      string payload = cryptoOutput.Payload;
      SHA1Managed shA1Managed = new SHA1Managed();
      byte[] hash = shA1Managed.ComputeHash(Convert.FromBase64String(cryptoOutput.Payload));
      string oid = CryptoConfig.MapNameToOID("SHA1");
      string base64String3 = Convert.ToBase64String(privateKey.SignHash(hash, oid));

      string responseXModal = SerializationHelper.CreateDataRequest(
            base64String1,
            base64String2,
            payload,
            base64String3,
            "123.12.13.1",
            ApiConstant.ID,
            ApiConstant.TIMESTAMP,
            ApiConstant.USER_ID
      );

      byte[] rgbSignature = Convert.FromBase64String(responseXModal.Signature);
      byte[] rgbHash = shA1Managed.ComputeHash(Convert.FromBase64String(responseXModal.Payload));
      var signatureVerification = privateKey.VerifyHash(rgbHash, 
 CryptoConfig.MapNameToOID("SHA1"), rgbSignature);
      Console.WriteLine($"KEY RESPONSE found in the specified file. {signatureVerification}");

      if (signatureVerification)
      {

        /** Decrypt Keys */
        byte[] i_IV = privateKey.Decrypt(Convert.FromBase64String(responseXModal.EncryptedCryptoIV), false);
        byte[] i_Key = privateKey.Decrypt(Convert.FromBase64String(responseXModal.EncryptedCryptoIV), false);
      }
    }
    ```


  [1]: https://stackoverflow.com/questions/77993268/how-can-signhash-data-using-rsacryptoserviceprovider-in-dotnet-8?noredirect=1#comment137498917_77993268