We're experiencing a random "Keyset does not exist" error when running an MVC app in Azure that is scaled across multiple instances. The error is
System.Security.Cryptography.CryptographicException: Keyset does not exist at System.Security.Cryptography.Utils.CreateProvHandle(CspParameters parameters, Boolean randomKeyContainer) at System.Security.Cryptography.Utils.GetKeyPairHelper(CspAlgorithmType keyType, CspParameters parameters, Boolean randomKeyContainer, Int32 dwKeySize, SafeProvHandle& safeProvHandle, SafeKeyHandle& safeKeyHandle) at System.Security.Cryptography.RSACryptoServiceProvider.GetKeyPair() at System.Security.Cryptography.RSACryptoServiceProvider..ctor(Int32 dwKeySize, CspParameters parameters, Boolean useDefaultKeySize) at System.Security.Cryptography.X509Certificates.X509Certificate2.get_PrivateKey() at ComponentSpace.SAML2.InternalSAMLIdentityProvider.CreateSAMLResponse(String userName, SAMLAttribute[] attributes, Status status, String assertionConsumerServiceUrl) at ComponentSpace.SAML2.InternalSAMLIdentityProvider.SendSSO(HttpResponseBase httpResponse, String userName, SAMLAttribute[] attributes, Status status, String assertionConsumerServiceUrl) at ComponentSpace.SAML2.SAMLIdentityProvider.SendSSO(HttpResponseBase httpResponse, String userName, IDictionary`2 attributes)
This error doesn't occur for all users, and seems to affect people at random.
From searching for further info, the vast majority of relavent information to try to fix the issue invovle either changing the account the web app runs under or changing the way the certificate is opened. In Azure, we can't change the account for the app, and the cert is opened internally by the component.
Any pointers or assistance gratefully received.
Many thanks Regards Andy
|