Tuesday, October 14, 2008

WCF, IIS, Keyset does not exist

- Error: Keyset does not exist error when I try to test WCF project with X509 security.

  1. Check if WCF support is installed for IIS:
  2. If you are using certificate, check if application pool have access permissions for private key. To provide access permissions do:
    1. Find IIS application pool identity
    2. Find private key file name for certificate (FindPrivateKey.exe):
    3. Add read permissions for IIS application pool identity (cacls.exe) or just open windows explorer and set permissions


Fuzzy Analysis said...

Thanks, your pic of IIS and the application pools gave me the idea to change the Identity to "NetworkService", and I then went and gave the Network Service account permissions to access the keyset (in C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys), then this error went away. Thanks, saved me hours of pain! :)

Malunin Lev said...

Great! I spent a lot of time search this.