Open Closed

AbpOpenIddictAspNetCoreModule Cannot find specified file #6521


User avatar
0
darutter created
  • ABP Framework version: v8.0.1
  • UI Type: MVC
  • Database System: EF Core (SQL Server)
  • Tiered (for MVC) or Auth Server Separated (for Angular): no
  • Exception message and full stack trace:
  • Volo.Abp.AbpInitializationException: An error occurred during ConfigureServicesAsync phase of the module Volo.Abp.OpenIddict.AbpOpenIddictAspNetCoreModule, Volo.Abp.OpenIddict.AspNetCore, Version=8.0.1.0, Culture=neutral, PublicKeyToken=null. See the inner exception for details. ---> System.Security.Cryptography.CryptographicException: The system cannot find the file specified. at System.Security.Cryptography.CngKey.Open(String keyName, CngProvider provider, CngKeyOpenOptions openOptions) at System.Security.Cryptography.X509Certificates.CertificatePal.GetPrivateKey[T](Func2 createCsp, Func2 createCng) at System.Security.Cryptography.X509Certificates.CertificatePal.GetRSAPrivateKey() at System.Security.Cryptography.X509Certificates.CertificateExtensionsCommon.GetPrivateKey[T](X509Certificate2 certificate, Predicate1 matchesConstraints) at System.Security.Cryptography.X509Certificates.RSACertificateExtensions.GetRSAPrivateKey(X509Certificate2 certificate) at Microsoft.IdentityModel.Tokens.X509SecurityKey.get_PrivateKey() at Microsoft.IdentityModel.Tokens.X509SecurityKey.get_PrivateKeyStatus() at Microsoft.Extensions.DependencyInjection.OpenIddictServerBuilder.AddSigningKey(SecurityKey key) at Microsoft.Extensions.DependencyInjection.OpenIddictServerBuilder.AddSigningCertificate(X509Certificate2 certificate) at StatAlert.Web.StatAlertWebModule.<>c__DisplayClass0_0.<PreConfigureServices>b__3(OpenIddictServerBuilder builder) in Z:\Projects\StatAlert_Core\aspnet-core\src\StatAlert.Web\StatAlertWebModule.cs:line 123 at Volo.Abp.Options.PreConfigureActionList1.Configure(TOptions options) at Microsoft.Extensions.DependencyInjection.ServiceCollectionPreConfigureExtensions.ExecutePreConfiguredActions[TOptions](IServiceCollection services, TOptions options) at Volo.Abp.OpenIddict.AbpOpenIddictAspNetCoreModule.<>c__DisplayClass1_0.<AddOpenIddictServer>b__0(OpenIddictServerBuilder builder) at Microsoft.Extensions.DependencyInjection.OpenIddictServerExtensions.AddServer(OpenIddictBuilder builder, Action1 configuration) at Volo.Abp.OpenIddict.AbpOpenIddictAspNetCoreModule.AddOpenIddictServer(IServiceCollection services) at Volo.Abp.OpenIddict.AbpOpenIddictAspNetCoreModule.ConfigureServices(ServiceConfigurationContext context) at Volo.Abp.Modularity.AbpModule.ConfigureServicesAsync(ServiceConfigurationContext context) at Volo.Abp.AbpApplicationBase.ConfigureServicesAsync() --- End of inner exception stack trace --- at Volo.Abp.AbpApplicationBase.ConfigureServicesAsync() at Volo.Abp.AbpApplicationFactory.CreateAsync[TStartupModule](IServiceCollection services, Action1 optionsAction) at Microsoft.Extensions.DependencyInjection.ServiceCollectionApplicationExtensions.AddApplicationAsync[TStartupModule](IServiceCollection services, Action1 optionsAction) at Microsoft.Extensions.DependencyInjection.WebApplicationBuilderExtensions.AddApplicationAsync[TStartupModule](WebApplicationBuilder builder, Action1 optionsAction)

Create app, create authserver.pfx file with correct key, set file to always deploy, deploy to Azure. Generates error when attempting to start app service.

I've had similar problems with a 7.x deployment and followed all of the steps identified in that problem, but none of them have solved the problem. Looking for help in the 8.0 environment.


7 Answer(s)
  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    System.Security.Cryptography.CryptographicException: The system cannot find the file specified. at System.Security.Cryptography.CngKey.Open(String keyName, CngProvider provider, CngKeyOpenOptions openOptions)

    Please check and make sure the authserver.pfx file exists on your azure.

  • User Avatar
    0
    darutter created

    The file does exist and it the one I created with the correct key.

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    Can you share the code of PreConfigureServices method.

    Thanks.

  • User Avatar
    0
    darutter created
    public override void PreConfigureServices(ServiceConfigurationContext context)
    {
        var hostingEnvironment = context.Services.GetHostingEnvironment();
        var configuration = context.Services.GetConfiguration();
    
        context.Services.PreConfigure&lt;AbpMvcDataAnnotationsLocalizationOptions&gt;(options =>
        {
            options.AddAssemblyResource(
                typeof(StatAlertResource),
                typeof(StatAlertDomainModule).Assembly,
                typeof(StatAlertDomainSharedModule).Assembly,
                typeof(StatAlertApplicationModule).Assembly,
                typeof(StatAlertApplicationContractsModule).Assembly,
                typeof(StatAlertWebModule).Assembly
            );
        });
    
        PreConfigure&lt;OpenIddictBuilder&gt;(builder =>
        {
            builder.AddValidation(options =>
            {
                options.AddAudiences("StatAlert");
                options.UseLocalServer();
                options.UseAspNetCore();
            });
        });
    
        if (!hostingEnvironment.IsDevelopment())
        {
            PreConfigure&lt;AbpOpenIddictAspNetCoreOptions&gt;(options =>
            {
                options.AddDevelopmentEncryptionAndSigningCertificate = false;
            });
    
            PreConfigure&lt;OpenIddictServerBuilder&gt;(builder =>
            {
                builder.AddSigningCertificate(GetSigningCertificate(hostingEnvironment, configuration));
                builder.AddEncryptionCertificate(GetSigningCertificate(hostingEnvironment, configuration));
                builder.SetIssuer(new Uri(configuration["AuthServer:Authority"]));
            });
        }
    }
    

    This is the code in the GetSigningCertificate (minus the line that defines the actual key) var file = Path.Combine(hostingEnv.ContentRootPath, fileName);

        if (!File.Exists(file))
        {
            throw new FileNotFoundException($"Signing Certificate couldn't found: {file}");
        }
    
        return new X509Certificate2(file, passPhrase);
    

    NOTICE that the message if the file doesn't exist is not the message received in the error.

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    Are you using IIS?

    You can try this https://stackoverflow.com/questions/17840825/cryptographicexception-was-unhandled-system-cannot-find-the-specified-file/27242467#27242467

  • User Avatar
    0
    darutter created

    This is being deployed to Azure.

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    Can you try X509KeyStorageFlags?

    return new X509Certificate2(file, passPhrase, X509KeyStorageFlags.MachineKeySet);
    

    https://www.davidyardy.com/blog/windowscryptographicexception-the-system-cannot-find-the-file-specified

Made with ❤️ on ABP v9.1.0-preview. Updated on December 26, 2024, 06:07