Tuesday, October 14, 2008

WCF, IIS, Keyset does not exist

- Error: Keyset does not exist error when I try to test WCF project with X509 security.

Solution:
  1. Check if WCF support is installed for IIS:
  2. If you are using certificate, check if application pool have access permissions for private key. To provide access permissions do:
    1. Find IIS application pool identity
    2. Find private key file name for certificate (FindPrivateKey.exe):
    3. Add read permissions for IIS application pool identity (cacls.exe) or just open windows explorer and set permissions




2 comments:

Fuzzy Analysis said...

Thanks, your pic of IIS and the application pools gave me the idea to change the Identity to "NetworkService", and I then went and gave the Network Service account permissions to access the keyset (in C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys), then this error went away. Thanks, saved me hours of pain! :)

Unknown said...

Great! I spent a lot of time search this.