Solved

Indicium universal throws Access is denied on WindowsCryptographicException in Azure

  • 28 March 2022
  • 2 replies
  • 122 views
E
Rank
Badge +9

I’ve deployed the latest version of Indicium universal to Azure according to the instructions (https://docs.thinkwisesoftware.com/docs/deployment/azure#creating-an-azure-web-app). Unfortunately  the application does not start with message:

HTTP Error 500.30 - ASP.NET Core app failed to start

The event log has more information:

Application '/LM/W3SVC/1165921035/ROOT/indicium' with physical root 'D:\home\site\indicium\' hit unexpected managed exception, exception code = '0xe0434352'. First 30KB characters of captured stdout and stderr logs:Unhandled exception. Internal.Cryptography.CryptoThrowHelper+WindowsCryptographicException: Access is denied.   at Internal.Cryptography.Pal.StorePal.FromSystemStore(String storeName, StoreLocation storeLocation, OpenFlags openFlags)   at System.Security.Cryptography.X509Certificates.X509Store.Open(OpenFlags flags)   at Indicium.Startup.getOpenIdSigningCertificate() in C:\azp\agent\_work\1\s\src\Indicium\Startup.cs:line 868   at Indicium.Startup.configureIdentityServer(IServiceCollection services, IRootApplicationLoader rootApplicationLoader, OIDClientConfiguration oidConfig) in C:\azp\agent\_work\1\s\src\Indicium\Startup.cs:line 793   at Indicium.Startup.ConfigureServices(IServiceCollection services) in C:\azp\agent\_work\1\s\src\Indicium\Startup.cs:line 460   at System.RuntimeMethodHandle.InvokeMethod(Object target, Object[] arguments, Signature sig, Boolean constructor, Boolean wrapExceptions)   at System.Reflection.RuntimeMethodInfo.Invoke(Object obj, BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)   at Microsoft.AspNetCore.Hosting.ConfigureServicesBuilder.InvokeCore(Object instance, IServiceCollection services)   at Microsoft.AspNetCore.Hosting.ConfigureServicesBuilder.<>c__DisplayClass9_0.<Invoke>g__Startup|0(IServiceCollection serviceCollection)   at Microsoft.AspNetCore.Hosting.StartupLoader.ConfigureServicesDelegateBuilder`1.<>c__DisplayClass15_0.<BuildStartupServicesFilterPipeline>g__RunPipeline|0(IServiceCollection services)   at Microsoft.AspNetCore.Hosting.ConfigureServicesBuilder.Invoke(Object instance, IServiceCollection services)   at Microsoft.AspNetCore.Hosting.ConfigureServicesBuilder.<>c__DisplayClass8_0.<Build>b__0(IServiceCollection services)   at Microsoft.AspNetCore.Hosting.StartupLoader.ConfigureServicesDelegateBuilder`1.<>c__DisplayClass14_0.<ConfigureServices>g__ConfigureServicesWithContainerConfiguration|0(IServiceCollection services)   at Microsoft.AspNetCore.Hosting.ConventionBasedStartup.ConfigureServices(IServiceCollection services)   at Microsoft.AspNetCore.Hosting.WebHost.EnsureApplicationServices()   at Microsoft.AspNetCore.Hosting.WebHost.Initialize()   at Microsoft.AspNetCore.Hosting.WebHostBuilder.Build()   at Indicium.Program.Main(String[] args) in C:\azp\agent\_work\1\s\src\Indicium\Program.cs:line 23Process Id: 7668.File Version: 15.0.22014.14. Description: IIS ASP.NET Core Module V2 Request Handler. Commit: 88ca061d20b28892b28279b17bad46919cff49a4

Has anyone seen this issue before or an idea how i can resolve this issue?

icon

Best answer by Mark Jongeling 28 March 2022, 09:35

View original
This topic has been closed for comments

2 replies

Mark Jongeling
Rank
Userlevel 7
Badge +23

Hi, 

Could it be something with OpenID? I see in the Stack trace the following: getOpenIdSigningCertificate

It may also be the Cache folder. Could you shut off Indicium, delete the Cache folder, then turn Indicium back on? The Cache will then be recreated by the new version of Indicium.

On holiday May 6 - May 31
E
Rank
Badge +9

That OpenID was the issue. I had created a test OpenID configuration in IAM. When i removed that configuration the indicium did start succesfully.

Thank you for the suggestion!

Terms & ConditionsCookie settings