Get started for free
Visual Studio Developer Center >
System.Security.Cryptography.CryptographicException: The system cannot find the file specified

Answered System.Security.Cryptography.CryptographicException: The system cannot find the file specified

  • Monday, June 25, 2007 9:35 AM
     
     
    Sign In to Vote
    0

     

    Hi,

     

    When i tried to use a third party web service  using IIS  , i am getting the following Error


    Exception Details: System.Security.Cryptography.CryptographicException: The system cannot find the file specified.


    [CryptographicException: The system cannot find the file specified.
    ]
       System.Security.Cryptography.Utils.CreateProvHandle(CspParameters parameters, Boolean randomKeyContainer) +1459868
       System.Security.Cryptography.Utils.GetKeyPairHelper(CspAlgorithmType keyType, CspParameters parameters, Boolean randomKeyContainer, Int32 dwKeySize, SafeProvHandle& safeProvHandle, SafeKeyHandle& safeKeyHandle) +55
       System.Security.Cryptography.RSACryptoServiceProvider.GetKeyPair() +79
       System.Security.Cryptography.RSACryptoServiceProvider.ExportParameters(Boolean includePrivateParameters) +38
       System.Security.Cryptography.RSA.ToXmlString(Boolean includePrivateParameters) +41
       Globeranger.EdgeServices.Security.Runtime.Client.ClientSession.a() +158
       Globeranger.EdgeServices.Security.Runtime.Client.ClientSession.RequestLogin(String reasonMessage) +200
       Globeranger.EdgeServices.Security.Runtime.Client.ClientSession.GetNewSecureSessionToken(Boolean attemptLogin) +148
       Globeranger.EdgeServices.Security.Runtime.Client.SecureInvoker.Invoke(ClientSession session, WebServicesClientProtocol service, String methodName, Boolean attemptLoginIfNeeded, Object[] args) +90
       Globeranger.EdgeServices.Security.Runtime.Client.SecureInvoker.Invoke(ClientSession session, WebServicesClientProtocol service, String methodName, Object[] args) +15
       Globeranger.EdgeServices.Ale.Runtime.Client.AleServerProxy.SendCommandEvent(String target, CommandEvent commandEvent) +216
       MidWareGlobeRanger.CommandEventSender.SendCommandEvent(String groupName, CommandEvent commandEvent) +40
       MidWareGlobeRanger.CommandEventSender.SendSuspendEvent(String groupName) +63
       RSC_Home.Page_Load(Object sender, EventArgs e) in c:\RSC_RFID_GUI\RSC_Home.aspx.cs:118
       System.Web.Util.CalliHelper.EventArgFunctionCaller(IntPtr fp, Object o, Object t, EventArgs e) +15
       System.Web.Util.CalliEventHandlerDelegateProxy.Callback(Object sender, EventArgs e) +34
       System.Web.UI.Control.OnLoad(EventArgs e) +99
       System.Web.UI.Control.LoadRecursive() +47
       System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +1061


    Any solution for this?

     

    Regards
    Abraham

     

All Replies

  • Monday, June 25, 2007 6:59 PM
    Moderator
     
     Answered
    Sign In to Vote
    0

    according to the documentation you would get this if "The key cannot be exported":

    http://msdn2.microsoft.com/en-us/library/system.security.cryptography.rsacryptoserviceprovider.exportparameters.aspx

     

    hopefully this helps, if not please send more details on what "Globeranger.EdgeServices.Security.Runtime.Client" is doing.

     
  • Tuesday, June 26, 2007 5:21 AM
     
     
    Sign In to Vote
    0

    Hi  ranamauro,

     

     

    The problem occured due to some user priveledge issues in IIS , So i reconfigured IIS  and got it resolved .

     

    Globeranger.EdgeServices.Security.Runtime.Client is  third party component   that we are using to  access the web Methods .

     

    Cheers

    Abraham

     

     
  • Thursday, July 05, 2007 8:54 AM
     
     
    Sign In to Vote
    0
    You wouldn't be able to elaborate on those IIS privilege settings?  I've a feeling that I'm running into a similar problem with IIS 7.0.

    DL

     
  • Friday, July 06, 2007 6:45 PM
     
     
    Sign In to Vote
    0
    Hi, i ve got exactely the same exeption when i try my web site on my server. :

    CryptographicException: The system cannot find the file specified.
    at System.Security.Cryptography.Utils.CreateProvHandle(CspParameters parameters, Boolean randomKeyContainer) at System.Security.Cryptography.RSACryptoServiceProvider.ImportParameters(RSAParameters parameters) at System.Security.Cryptography.RSA.FromXmlString(String xmlString) at Registration.EncryptAndSign(String strOriginalMessage, String KeySender, String KeyReciever) in c:\Inetpub\vhosts\uplay-istrip.com\httpdocs\upis\Registration.aspx.cs:line 175

    When i try it on my PC with Visual Web Developer, it works fine...

    So can u please tell me what did u change in your iss configuration?
    It would be really helpful.
    Thanx
    Laura.
     
  • Monday, July 09, 2007 12:12 PM
     
     
    Sign In to Vote
    0
    How I worked around the problem:

    Under IIS 5.x/6.0, simply give the user running the ASP.NET process access to the machinekey store, or change to an interactive user.  I.e. one with Document and Settings folder with their desktop.

    Under IIS 7.0, first, don't run using ASP.NET impersonation.  I.e. disable impersonation.  Second, follow suggestion for 5.x/6.0.
     
  • Monday, July 09, 2007 12:19 PM
     
     Proposed Answer
    Sign In to Vote
    0

    hi

    thanx for your answer.

    in fact, I ve found another solution. I don t really understand how, but it perfectly works :

    instead of writing :

    RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();

    i wrote :

    CspParameters CSPParam = new CspParameters();

    CSPParam.Flags = CspProviderFlags.UseMachineKeyStore;

    RSACryptoServiceProvider rsa;

    if (System.Web.HttpContext.Current == null) // WinForm

    rsa = new RSACryptoServiceProvider();

    else // WebForm - Uses Machine store for keys

    rsa = new RSACryptoServiceProvider(CSPParam);

     

    Hope it can help.

     

    • Proposed As Answer by nobot Friday, August 15, 2008 12:20 AM
    •  
     
  • Tuesday, July 01, 2008 1:28 AM
     
     Proposed Answer Has Code
    Sign In to Vote
    3
    Hello,
        In case you are working with the IIS 7, the solution for me was to change application pool's settings to load its identity profile. The command that does this is as follows:

    appcmd set apppool "AppPoolName" -processModel.loadUserProfile:true 

        I had a problem with gaining access to certificate's private key under the account of the application pool in the context of a web service execution. The certificate was to be acquired from application pool's user personal certificate store.

    Greetings,
    Cezary
    • Proposed As Answer by chanmat Monday, November 10, 2008 5:13 AM
    •  
     
  • Monday, November 10, 2008 5:30 AM
     
      Has Code
    Sign In to Vote
    0

    Hi,

    Thanks for LauraB's post.  However when I followed her posted answer it was not working for me when using DSACryptoServiceProvider.  I got this exception:

    Exception information:
    Exception type: CryptographicException
    Exception message: Bad Version of provider.

    As a test, I tried specifying the KeyContainerName but another exception occurs: 

    Exception information:
    Exception type: CryptographicException
    Exception message: The specified cryptographic service provider (CSP) does not support this key algorithm.

    Finally I specified the provider type code and it all works.  Complete Code is:

    // Cryptograpy parameters
    // Specify 13 for DSA procider type
    CspParameters CSPParam = new CspParameters(13, null, null);
    CSPParam.Flags =     CspProviderFlags.UseMachineKeyStore;
    CSPParam.KeyContainerName = "Your Container Name";
    DSACryptoServiceProvider DSA;
    if (HttpContext.Current == null) // WinForm
    {
        DSA =     new DSACryptoServiceProvider();
    }
    else // WebForm - Uses Machine store for keys
    {
        DSA =     new DSACryptoServiceProvider(CSPParam);
    }

    Not sure why Microsoft don't have any info. on this, it took me some time to figure it all out.

    Hope this help.

     
  • Wednesday, March 18, 2009 2:57 PM
     
     
    Sign In to Vote
    1
    CezaryK said:

    Hello,
        In case you are working with the IIS 7, the solution for me was to change application pool's settings to load its identity profile. The command that does this is as follows:

    appcmd set apppool "AppPoolName" -processModel.loadUserProfile:true 

        I had a problem with gaining access to certificate's private key under the account of the application pool in the context of a web service execution. The certificate was to be acquired from application pool's user personal certificate store.

    Greetings,
    Cezary



    I just ran into this problem, and CezaryK's suggestion solved it for me.
     
  • Thursday, October 15, 2009 8:51 AM
     
     
    Sign In to Vote
    0
    My solution:
    change Application Pool to "Classic .NET AppPool" in IIS settings
     
  • Wednesday, October 20, 2010 8:18 AM
     
     
    Sign In to Vote
    1

    For those running into this issue on a Windows Web Server 2008 R2 website.. steps to follow:

    Open Internet Information Services Manager (IIS 7)

    Open Application Pools

    Select relevant Appool

    Change Managed pipeline mode to 'Classic'

    Open Advanced Settings of the apppool and change the Identity to NetworkService

    Recycle the apppool and hopefully that should sort it..

     
  • Wednesday, December 01, 2010 1:40 PM
     
     
    Sign In to Vote
    0

    We are seeing the same exception occur on one of two web servers setup as a small web farm with ISA Server in front.

    We didn't see this issue until recently when the farm was moved to a new (remote) domain. Before that, things were running fine for 2+ years.

    I can reproduce the issue in my dev environment, by deleting the Application Pool user profile for the web site, and

    can correct it by re-creating the user profile. (Decryption requires access within the User Profile to do it's work?)

    We cannot determine why one machine works fine and the other doesn't. The bad machine has been rebuilt.  This is in a test region. We also have the same setup going in production, which is working perfectly.

    This is an intermittent issue. After we rebuild the bad machine, the decryption works for a while, then fails. It's almost like the user profile is disappearing. We've done some compares between the two machines but cannot see any significant difference. They are manually setup.

    We've exhausted our diagnostics. My opinion is that it is a configuration or environmental issue. Our code base hasn't changed in 2+ years.

    Any suggestions?

     
  • Monday, July 11, 2011 11:20 AM
     
     
    Sign In to Vote
    0

    Hello epaetz41,
    I wonder if you have solved your problem? If you have, what did you do to solve it?

    It seems like we are having the same problem with the same set-up. We have two web servers (win 2008 r2 and IIS 7.0) and an ISA server in front. One web server is working fine but the other one is giving this error all the time.
    System.ServiceModel.Security.MessageSecurityException: Message security verification failed.
    System.Security.Cryptography.CryptographicException: The system cannot find the file specified.

     

    any suggestions

    Regards, Joacim
     
  • Tuesday, April 17, 2012 10:41 AM
     
     
    Sign In to Vote
    0
    It's not necessary to run this command line. Just go to advanced settings of application pool and switch boolean from false to true.
     
  • Tuesday, December 11, 2012 12:34 AM
     
     
    Sign In to Vote
    0
    We were running into a similar situation that a third party setup requirements said .net 3.5 SP1 was required.  Since our server was all up to date, we chose .net 2.0 (since 3.5 is an extension of 2.0).  We couldn't figure out why we were getting this error.  Then on an off chance, we switched to .net 4.0 and everything started working.  What I believe is happening is the 3.5 SP 1 version of .NET isn't being use by IIS.  Our next step is to re-register our .net versions in IIS and see if we can then use the 2.0 option.