System.Security.Cryptography.CryptographicException: The system cannot find the file specified

Question

 

Hi,

 

When i tried to use a third party web service  using IIS  , i am getting the following Error

Exception Details: System.Security.Cryptography.CryptographicException: The system cannot find the file specified.

[CryptographicException: The system cannot find the file specified.
]
   System.Security.Cryptography.Utils.CreateProvHandle(CspParameters parameters, Boolean randomKeyContainer) +1459868
   System.Security.Cryptography.Utils.GetKeyPairHelper(CspAlgorithmType keyType, CspParameters parameters, Boolean randomKeyContainer, Int32 dwKeySize, SafeProvHandle& safeProvHandle, SafeKeyHandle& safeKeyHandle) +55
   System.Security.Cryptography.RSACryptoServiceProvider.GetKeyPair() +79
   System.Security.Cryptography.RSACryptoServiceProvider.ExportParameters(Boolean includePrivateParameters) +38
   System.Security.Cryptography.RSA.ToXmlString(Boolean includePrivateParameters) +41
   Globeranger.EdgeServices.Security.Runtime.Client.ClientSession.a() +158
   Globeranger.EdgeServices.Security.Runtime.Client.ClientSession.RequestLogin(String reasonMessage) +200
   Globeranger.EdgeServices.Security.Runtime.Client.ClientSession.GetNewSecureSessionToken(Boolean attemptLogin) +148
   Globeranger.EdgeServices.Security.Runtime.Client.SecureInvoker.Invoke(ClientSession session, WebServicesClientProtocol service, String methodName, Boolean attemptLoginIfNeeded, Object[] args) +90
   Globeranger.EdgeServices.Security.Runtime.Client.SecureInvoker.Invoke(ClientSession session, WebServicesClientProtocol service, String methodName, Object[] args) +15
   Globeranger.EdgeServices.Ale.Runtime.Client.AleServerProxy.SendCommandEvent(String target, CommandEvent commandEvent) +216
   MidWareGlobeRanger.CommandEventSender.SendCommandEvent(String groupName, CommandEvent commandEvent) +40
   MidWareGlobeRanger.CommandEventSender.SendSuspendEvent(String groupName) +63
   RSC_Home.Page_Load(Object sender, EventArgs e) in c:\RSC_RFID_GUI\RSC_Home.aspx.cs:118
   System.Web.Util.CalliHelper.EventArgFunctionCaller(IntPtr fp, Object o, Object t, EventArgs e) +15
   System.Web.Util.CalliEventHandlerDelegateProxy.Callback(Object sender, EventArgs e) +34
   System.Web.UI.Control.OnLoad(EventArgs e) +99
   System.Web.UI.Control.LoadRecursive() +47
   System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +1061

Any solution for this?

 

Regards
Abraham

Answer 1

according to the documentation you would get this if "The key cannot be exported":

http://msdn2.microsoft.com/en-us/library/system.security.cryptography.rsacryptoserviceprovider.exportparameters.aspx

 

hopefully this helps, if not please send more details on what "Globeranger.EdgeServices.Security.Runtime.Client" is doing.

Answer 2

Hi  ranamauro,

 

 

The problem occured due to some user priveledge issues in IIS , So i reconfigured IIS  and got it resolved .

 

Globeranger.EdgeServices.Security.Runtime.Client is  third party component   that we are using to  access the web Methods .

 

Cheers

Abraham

 

Answer 3

You wouldn't be able to elaborate on those IIS privilege settings?  I've a feeling that I'm running into a similar problem with IIS 7.0.

DL

Answer 4

Hi, i ve got exactely the same exeption when i try my web site on my server. :

CryptographicException: The system cannot find the file specified.
at System.Security.Cryptography.Utils.CreateProvHandle(CspParameters parameters, Boolean randomKeyContainer) at System.Security.Cryptography.RSACryptoServiceProvider.ImportParameters(RSAParameters parameters) at System.Security.Cryptography.RSA.FromXmlString(String xmlString) at Registration.EncryptAndSign(String strOriginalMessage, String KeySender, String KeyReciever) in c:\Inetpub\vhosts\uplay-istrip.com\httpdocs\upis\Registration.aspx.cs:line 175

When i try it on my PC with Visual Web Developer, it works fine...

So can u please tell me what did u change in your iss configuration?
It would be really helpful.
Thanx
Laura.

Answer 5

How I worked around the problem:

Under IIS 5.x/6.0, simply give the user running the ASP.NET process access to the machinekey store, or change to an interactive user.  I.e. one with Document and Settings folder with their desktop.

Under IIS 7.0, first, don't run using ASP.NET impersonation.  I.e. disable impersonation.  Second, follow suggestion for 5.x/6.0.

Answer 6

hi

thanx for your answer.

in fact, I ve found another solution. I don t really understand how, but it perfectly works :

instead of writing :

RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();

i wrote :

CspParameters CSPParam = new CspParameters();

CSPParam.Flags = CspProviderFlags.UseMachineKeyStore;

RSACryptoServiceProvider rsa;

if (System.Web.HttpContext.Current == null) // WinForm

rsa = new RSACryptoServiceProvider();

else // WebForm - Uses Machine store for keys

rsa = new RSACryptoServiceProvider(CSPParam);

 

Hope it can help.

 

Answer 7

Hello,
    In case you are working with the IIS 7, the solution for me was to change application pool's settings to load its identity profile. The command that does this is as follows:

appcmd set apppool "AppPoolName" -processModel.loadUserProfile:true

    I had a problem with gaining access to certificate's private key under the account of the application pool in the context of a web service execution. The certificate was to be acquired from application pool's user personal certificate store.

Greetings,
Cezary

Answer 8

Hi,

Thanks for LauraB's post.  However when I followed her posted answer it was not working for me when using DSACryptoServiceProvider.  I got this exception:

Exception information:
Exception type: CryptographicException
Exception message: Bad Version of provider.

As a test, I tried specifying the KeyContainerName but another exception occurs: 

Exception information:
Exception type: CryptographicException
Exception message: The specified cryptographic service provider (CSP) does not support this key algorithm.

Finally I specified the provider type code and it all works.  Complete Code is:

// Cryptograpy parameters
// Specify 13 for DSA procider type
CspParameters CSPParam = new CspParameters(13, null, null);
CSPParam.Flags = CspProviderFlags.UseMachineKeyStore;
CSPParam.KeyContainerName = "Your Container Name";
DSACryptoServiceProvider DSA;
if (HttpContext.Current == null) // WinForm
{
    DSA = new DSACryptoServiceProvider();
}
else // WebForm - Uses Machine store for keys
{
    DSA = new DSACryptoServiceProvider(CSPParam);
}

Not sure why Microsoft don't have any info. on this, it took me some time to figure it all out.

Hope this help.

Answer 9

CezaryK said:

Hello,
    In case you are working with the IIS 7, the solution for me was to change application pool's settings to load its identity profile. The command that does this is as follows:

appcmd set apppool "AppPoolName" -processModel.loadUserProfile:true

    I had a problem with gaining access to certificate's private key under the account of the application pool in the context of a web service execution. The certificate was to be acquired from application pool's user personal certificate store.

Greetings,
Cezary

I just ran into this problem, and CezaryK's suggestion solved it for me.

Answer 10

My solution:
change Application Pool to "Classic .NET AppPool" in IIS settings