- Error: Keyset does not exist error when I try to test WCF project with X509 security.
Solution:
- Check if WCF support is installed for IIS:
![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiS2w9uYMrTUfR8dv9rO15y5YJ1PsKFG3N1xdU10uHvu_wnpNXBQ1EmcH70VlrKC3Krld4A8pvsYlsodw5GkcVD4sP73-eLi-_x_Qe6nZiukfNI8zNyAZvFT_-XOSi6KY-BEldb/s320/Capture.JPG)
- If you are using certificate, check if application pool have access permissions for private key. To provide access permissions do:
- Find IIS application pool identity
![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjJcmK1qrAp7bWfvDABRjOE0KoCSufBfqbuZIea6rwcRvQS7owDA47BGlrpvAbt1rovraPQaP97de3BQBfn0YHsQEwZHRafjEqtsnDtvD4EO8ygIE8BBseaRKZxBVfWKIt2WuS-/s320/Capture2.JPG)
- Find private key file name for certificate (FindPrivateKey.exe):
![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEitZMlg2MNLaCf2_tVXw_hD769dogw9A_MfWgaepCmZvjynlf6LOqrT97kbrqyrrTn5aWKXs17FDNPUs-oP23QiX6h4eVoiZ7pivI0g1lIW40UHRGox6SjpM_Z5D5aPSwIryFn9/s400/Capture3.JPG)
- Add read permissions for IIS application pool identity (cacls.exe) or just open windows explorer and set permissions
2 comments:
Thanks, your pic of IIS and the application pools gave me the idea to change the Identity to "NetworkService", and I then went and gave the Network Service account permissions to access the keyset (in C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys), then this error went away. Thanks, saved me hours of pain! :)
Great! I spent a lot of time search this.
Post a Comment