locked
System.Security.Cryptography.CryptographicException: An internal error occurred RRS feed

  • Question

  • Hello,
    My team and I have developed a HealthVault Application that uses a webservice to communicate with HealthVault.  It works fine on our development server, but when we moved it to our live server (running Windows Server 2008 RC2 + IIS) I receive an error when it attempts to communicate with HealthVault.

    The Error log is...
    System.Security.SecurityException: Error loading certificate. Is password specified using ApplicationCertificatePassword? ---> System.Security.Cryptography.CryptographicException: An internal error occurred.

    at System.Security.Cryptography.CryptographicException.ThrowCryptogaphicException(Int32 hr)
    at System.Security.Cryptography.X509Certificates.X509Utils._LoadCertFromFile(String fileName, IntPtr password, UInt32 dwFlags, Boolean persistKeySet, SafeCertContextHandle& pCertCtx)
    at System.Security.Cryptography.X509Certificates.X509Certificate.LoadCertificateFromFile(String fileName, Object password, X509KeyStorageFlags keyStorageFlags)
    at System.Security.Cryptography.X509Certificates.X509Certificate2..ctor(String fileName, String password)
    at Microsoft.Health.ApplicationConfiguration.GetSignatureCertRsaProviderFromFile(String certFilename, RSACryptoServiceProvider& rsaProvider, String& thumbprint) in e:\src\hsmain\private\prod\src\sdk\core\ApplicationConfiguration.cs:line 653
    --- End of inner exception stack trace ---
    at Microsoft.Health.ApplicationConfiguration.GetSignatureCertRsaProviderFromFile(String certFilename, RSACryptoServiceProvider& rsaProvider, String& thumbprint) in e:\src\hsmain\private\prod\src\sdk\core\ApplicationConfiguration.cs:line 678
    at Microsoft.Health.ApplicationConfiguration.GetSignatureCertRsaProvider(Guid applicationId, StoreLocation storeLocation, String certSubject, RSACryptoServiceProvider& rsaProvider, String& thumbprint) in e:\src\hsmain\private\prod\src\sdk\core\ApplicationConfiguration.cs:line 583
    at Microsoft.Health.Web.Authentication.WebApplicationCredential.SetupSignatureCertRsaProvider() in e:\src\hsmain\private\prod\src\sdk\core\Authentication\WebApplicationCredential.cs:line 343
    at Microsoft.Health.Web.Authentication.WebApplicationCredential.Initialize(Guid applicationId) in e:\src\hsmain\private\prod\src\sdk\core\Authentication\WebApplicationCredential.cs:line 309
    at Microsoft.Health.Web.Authentication.WebApplicationCredential..ctor(Guid applicationId, String subCredential) in e:\src\hsmain\private\prod\src\sdk\core\Authentication\WebApplicationCredential.cs:line 231
    at Microsoft.Health.Web.WebApplicationUtilities.GetPersonInfo(String authToken, Guid appId) in e:\src\hsmain\private\prod\src\sdk\web\WebApplicationUtilities.cs:line 1611
    at Microsoft.Health.Web.WebApplicationUtilities.GetPersonInfo(String authToken) in e:\src\hsmain\private\prod\src\sdk\web\WebApplicationUtilities.cs:line 1588
    at CopyTo.GetValues[T](Guid typeID, String authToken)
    at CopyTo.getDrugsFromHealthVault(String authToken)
    I'm guessing it's an issue with the certificate not installing correctly, but we can't seem to figure out what to do.


    What we've already tried...
    • using HealthVault Application Manager Import pfx
    This added the certificate into the Computer Certificate Store, but it doesn't allow me to "Grant access to IIS process" (when i click it nothing happens)
    • I also used the winhttpcertcfg
    This seem to run correctly, but didn't have any affect on the error I'm getting

    Any Thoughts would be greatly appreciated

    Thanks Steve
    Tuesday, March 2, 2010 3:12 PM

Answers

  • Hello Steve,

    You can troubleshoot this using the troubleshooter utility shipped in our SDK. However this FAQ post might be helpful.

    Hope this helps.

     


    -Mahesh
    • Marked as answer by smbialec Tuesday, March 2, 2010 6:48 PM
    Tuesday, March 2, 2010 4:28 PM
  • First thanks Mahesh for your support.

    My Team and I found the solution to this problem with some help of Mahesh and some resources on the web.

    The issue had to do with the certificate not importing correctly.  We used the link below to help guide us through the steps.  Essentially we needed to export the certificate, then delete it from the cert store, and then re-import the exported cert. Hopefully these steps help those in the future.


    http://geekswithblogs.net/samerpaul/archive/2009/08/03/ldquokeyset-does-not-existrdquo-health-vault-application-error-with-iis.aspx
    
    
    
    
    
    • Marked as answer by smbialec Tuesday, March 2, 2010 6:48 PM
    Tuesday, March 2, 2010 6:46 PM

All replies

  • Hello Steve,

    You can troubleshoot this using the troubleshooter utility shipped in our SDK. However this FAQ post might be helpful.

    Hope this helps.

     


    -Mahesh
    • Marked as answer by smbialec Tuesday, March 2, 2010 6:48 PM
    Tuesday, March 2, 2010 4:28 PM
  • First thanks Mahesh for your support.

    My Team and I found the solution to this problem with some help of Mahesh and some resources on the web.

    The issue had to do with the certificate not importing correctly.  We used the link below to help guide us through the steps.  Essentially we needed to export the certificate, then delete it from the cert store, and then re-import the exported cert. Hopefully these steps help those in the future.


    http://geekswithblogs.net/samerpaul/archive/2009/08/03/ldquokeyset-does-not-existrdquo-health-vault-application-error-with-iis.aspx
    
    
    
    
    
    • Marked as answer by smbialec Tuesday, March 2, 2010 6:48 PM
    Tuesday, March 2, 2010 6:46 PM