asked on Keyset does not exist WebApi X509 Self Signed Certificate
HI All,
I have created a self signed certificate for signing my JWT tokens for access to a web api.
Now (i think as my machine has restarted but i'm not 100%) I am getting the error;
which is being thrown here;
This has happened before and following this link fixed the issue. However, it just seem to be short term.
http://stackoverflow.com/questions/12106011/system-security-cryptography-cryptographicexception-keyset-does-not-exist
Can anyone help me to solve this permanantly?
I have created a self signed certificate for signing my JWT tokens for access to a web api.
Now (i think as my machine has restarted but i'm not 100%) I am getting the error;
System.InvalidOperationException was unhandled by user code
HResult=-2146233079
Message=IDX10614: AsymmetricSecurityKey.GetSignatureFormater( 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256' ) threw an exception.
Key: 'System.IdentityModel.Tokens.X509AsymmetricSecurityKey'
SignatureAlgorithm: 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256', check to make sure the SignatureAlgorithm is supported.
Exception:'System.Security.Cryptography.CryptographicException: Keyset does not exist
at System.Security.Cryptography.Utils.CreateProvHandle(CspParameters parameters, Boolean randomKeyContainer)
at System.Security.Cryptography.Utils.GetKeyPairHelper(CspAlgorithmType keyType, CspParameters parameters, Boolean randomKeyContainer, Int32 dwKeySize, SafeProvHandle& safeProvHandle, SafeKeyHandle& safeKeyHandle)
at System.Security.Cryptography.RSACryptoServiceProvider.GetKeyPair()
at System.Security.Cryptography.RSACryptoServiceProvider..ctor(Int32 dwKeySize, CspParameters parameters, Boolean useDefaultKeySize)
at System.Security.Cryptography.X509Certificates.X509Certificate2.get_PrivateKey()
at System.IdentityModel.Tokens.X509AsymmetricSecurityKey.get_PrivateKey()
at System.IdentityModel.Tokens.X509AsymmetricSecurityKey.GetSignatureFormatter(String algorithm)
at System.IdentityModel.Tokens.AsymmetricSignatureProvider..ctor(AsymmetricSecurityKey key, String algorithm, Boolean willCreateSignatures)'.
If you only need to verify signatures the parameter 'willBeUseForSigning' should be false if the private key is not be available.
Source=System.IdentityModel.Tokens.Jwt
StackTrace:
at System.IdentityModel.Tokens.AsymmetricSignatureProvider..ctor(AsymmetricSecurityKey key, String algorithm, Boolean willCreateSignatures)
at System.IdentityModel.Tokens.SignatureProviderFactory.CreateProvider(SecurityKey key, String algorithm, Boolean willCreateSignatures)
at System.IdentityModel.Tokens.SignatureProviderFactory.CreateForSigning(SecurityKey key, String algorithm)
at System.IdentityModel.Tokens.JwtSecurityTokenHandler.CreateSignature(String inputString, SecurityKey key, String algorithm, SignatureProvider signatureProvider)
at System.IdentityModel.Tokens.JwtSecurityTokenHandler.WriteToken(SecurityToken token)
at TelematicusApi.ProvidersMyJwtFormat.Protect(AuthenticationTicket data) in c:\Users\bernie\Documents\Visual Studio 2013\Projects\Api\Providers\MyJwtFormat.cs:line 57
at Microsoft.Owin.Security.Infrastructure.AuthenticationTokenCreateContext.SerializeTicket()
at Microsoft.Owin.Security.OAuth.OAuthAuthorizationServerHandler.<InvokeTokenEndpointAsync>d__22.MoveNext()
InnerException: System.Security.Cryptography.CryptographicException
HResult=-2146893802
Message=Keyset does not exist
Source=mscorlib
StackTrace:
at System.Security.Cryptography.Utils.CreateProvHandle(CspParameters parameters, Boolean randomKeyContainer)
at System.Security.Cryptography.Utils.GetKeyPairHelper(CspAlgorithmType keyType, CspParameters parameters, Boolean randomKeyContainer, Int32 dwKeySize, SafeProvHandle& safeProvHandle, SafeKeyHandle& safeKeyHandle)
at System.Security.Cryptography.RSACryptoServiceProvider.GetKeyPair()
at System.Security.Cryptography.RSACryptoServiceProvider..ctor(Int32 dwKeySize, CspParameters parameters, Boolean useDefaultKeySize)
at System.Security.Cryptography.X509Certificates.X509Certificate2.get_PrivateKey()
at System.IdentityModel.Tokens.X509AsymmetricSecurityKey.get_PrivateKey()
at System.IdentityModel.Tokens.X509AsymmetricSecurityKey.GetSignatureFormatter(String algorithm)
at System.IdentityModel.Tokens.AsymmetricSignatureProvider..ctor(AsymmetricSecurityKey key, String algorithm, Boolean willCreateSignatures)
InnerException:
which is being thrown here;
var token = new JwtSecurityToken(
_issuer,
audienceId,
data.Identity.Claims,
issued.Value.UtcDateTime,
expires.Value.UtcDateTime,
x509SigningCredentials);
var handler = new JwtSecurityTokenHandler();
var jwt = handler.WriteToken(token);
This has happened before and following this link fixed the issue. However, it just seem to be short term.
http://stackoverflow.com/questions/12106011/system-security-cryptography-cryptographicexception-keyset-does-not-exist
Can anyone help me to solve this permanantly?
EncryptionSSL / HTTPSASP.NETMicrosoft IIS Web ServerSecurity
Last Comment
becraig
ASKER CERTIFIED SOLUTION
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.