Hi ComponentSpace,
The following error has recently started showing up randomly for us in our Azure environment after running the code below in our .NET Core 2.2 application:
var result = await SamlServiceProvider.ReceiveSsoAsync();
Receiving an SSO response from a partner identity provider has failed.
Internal.Cryptography.CryptoThrowHelper+WindowsCryptographicException: Keyset does not exist
at ComponentSpace.Saml2.SamlServiceProvider.DecryptSamlAssertionAsync(AssertionListItem assertionListItem)
at ComponentSpace.Saml2.SamlServiceProvider.GetSamlAssertionAsync(SamlResponse samlResponse)
at ComponentSpace.Saml2.SamlServiceProvider.ProcessSamlResponseAsync(XmlElement samlResponseElement)
at ComponentSpace.Saml2.SamlServiceProvider.ReceiveSsoAsync()
I've been told that it happens randomly. I've looked around on the forums and I see topics mentioning that it may be related to permissions:
https://componentspace.com/Forums/8629/CryptographicException-Keyset-does-not-exist
https://www.componentspace.com/Forums/29/Troubleshooting-Loading-X.509-Certificates
We store our certificates in the database and load them through a custom ICertificateLoader implementation.
return new X509Certificate2(file, password, X509KeyStorageFlags.Exportable | X509KeyStorageFlags.MachineKeySet | X509KeyStorageFlags.PersistKeySet);
Our ComponentSpace.Saml2.dll is version 2.0.6, and we recently updated our application to .NET Core 2.2.
On Azure, we run our application in an App Service.
Do you have any suggestions? I believe it has only started happening recently.