System.Security.Cryptography.CryptographicException: The system cannot find the file specified. #8217 | Support

serhatuysal created 18 days ago

ABP Framework version: v8.3.1
UI Type: Angular
Database System: EF Core (SQL Server)
Tiered (for MVC) or Auth Server Separated (for Angular): no

Volo.Abp.AbpInitializationException: An error occurred during ConfigureServicesAsync phase of the module Volo.Abp.OpenIddict.AbpOpenIddictAspNetCoreModule, Volo.Abp.OpenIddict.AspNetCore, Version=8.3.1.0, Culture=neutral, PublicKeyToken=null. See the inner exception for details. ---> System.Security.Cryptography.CryptographicException: The system cannot find the file specified. at System.Security.Cryptography.X509Certificates.CertificatePal.FilterPFXStore(ReadOnlySpan1 rawData, SafePasswordHandle password, PfxCertStoreFlags pfxCertStoreFlags) at System.Security.Cryptography.X509Certificates.CertificatePal.FromBlobOrFile(ReadOnlySpan1 rawData, String fileName, SafePasswordHandle password, X509KeyStorageFlags keyStorageFlags) at System.Security.Cryptography.X509Certificates.X509Certificate..ctor(String fileName, String password, X509KeyStorageFlags keyStorageFlags) at System.Security.Cryptography.X509Certificates.X509Certificate2..ctor(String fileName, String password, X509KeyStorageFlags keyStorageFlags)

I am encountering an error in the function. My research indicates that the 'Load User Profile' setting in the IIS application pool should be set to true. However, as the project is hosted with a hosting provider, the company representatives informed me that this setting cannot be changed in shared hosting services. Could you suggest an alternative solution?

18 Answer(s)

0

maliming created 18 days ago
Support Team Fullstack Developer

hi

You can use your openiddict.pfx file.

dotnet dev-certs https -v -ep openiddict.pfx -p 00000000-0000-0000-0000-000000000000

See https://abp.io/docs/latest/deployment/configuring-openiddict
0

serhatuysal created 18 days ago

merhaba

openiddict.pfx dosyanızı kullanabilirsiniz.

dotnet dev-certs https -v -ep openiddict.pfx -p 00000000-0000-0000-0000-000000000000

Bkz. https://abp.io/docs/latest/deployment/configuring-openiddict

Yes, I already followed the steps here and made the necessary adjustments, but the result did not change.
0

serhatuysal created 18 days ago

dotnet dev-certs https -v -ep openiddict.pfx -p bf6bc8cb-7dd5-43bc-beba-c5bbaf0f78a4

after

When we encountered the same issue with projects hosted on our own servers, setting the 'Load User Profile' option to 'true' in the IIS pool resolved the problem. However, we now need to deploy our application with a hosting provider, and they have informed us that they cannot change this setting

maliming created 18 days ago

Support Team Fullstack Developer

Try to specify the X509KeyStorageFlags

serverBuilder.AddProductionEncryptionAndSigningCertificate("openiddict.pfx", "bf6bc8cb-7dd5-43bc-beba-c5bbaf0f78a4", X509KeyStorageFlags.PersistKeySet | X509KeyStorageFlags.MachineKeySet |  X509KeyStorageFlags.EphemeralKeySet);

0

serhatuysal created 18 days ago

maliming created 18 days ago

Support Team Fullstack Developer

But this extension method has three arguments. You can copy the source code of this method.

using System.IO;
using System.Security.Cryptography.X509Certificates;

namespace Microsoft.Extensions.DependencyInjection;

public static class OpenIddictServerBuilderExtensions
{
    public static OpenIddictServerBuilder AddProductionEncryptionAndSigningCertificate(this OpenIddictServerBuilder builder, string fileName, string passPhrase, X509KeyStorageFlags? flag = null)
    {
        if (!File.Exists(fileName))
        {
            throw new FileNotFoundException($"Signing Certificate couldn't found: {fileName}");
        }

        var certificate = flag != null
            ? new X509Certificate2(fileName, passPhrase, flag.Value)
            : new X509Certificate2(fileName, passPhrase);

        builder.AddSigningCertificate(certificate);
        builder.AddEncryptionCertificate(certificate);
        return builder;
    }
}

0

serhatuysal created 18 days ago

okay,

I changed the codes like this, the error message changed

Volo.Abp.AbpInitializationException: An error occurred during ConfigureServicesAsync phase of the module Volo.Abp.OpenIddict.AbpOpenIddictAspNetCoreModule, Volo.Abp.OpenIddict.AspNetCore, Version=8.3.1.0, Culture=neutral, PublicKeyToken=null. See the inner exception for details. ---> System.ArgumentException: The flags 'PersistKeySet, EphemeralKeySet' may not be specified together. (Parameter 'keyStorageFlags') at System.Security.Cryptography.X509Certificates.X509Certificate.ValidateKeyStorageFlags(X509KeyStorageFlags keyStorageFlags) at System.Security.Cryptography.X509Certificates.X509Certificate..ctor(String fileName, String password, X509KeyStorageFlags keyStorageFlags) at System.Security.Cryptography.X509Certificates.X509Certificate2..ctor(String fileName, String password, X509KeyStorageFlags keyStorageFlags)
0

maliming created 18 days ago
Support Team Fullstack Developer

sorry for that

Can you try to use the

X509KeyStorageFlags.MachineKeySet | X509KeyStorageFlags.PersistKeySet

Or

X509KeyStorageFlags.MachineKeySet | X509KeyStorageFlags.EphemeralKeySet
0

serhatuysal created 18 days ago

Using X509KeyStorageFlags.MachineKeySet | X509KeyStorageFlags.EphemeralKeySet solved the problem but now another unrelated error occurs

[12:04:25 INF] Executed endpoint '/Account/Login' [12:04:26 ERR] An unhandled exception has occurred while executing the request. Microsoft.Data.SqlClient.SqlException (0x80131904): Incorrect syntax near the keyword 'WITH'. Incorrect syntax near the keyword 'with'. If this statement is a common table expression, an xmlnamespaces clause or a change tracking context clause, the previous statement must be terminated with a semicolon. at Microsoft.Data.SqlClient.SqlCommand.<>c.<ExecuteDbDataReaderAsync>b__211_0(Task1 result) at System.Threading.Tasks.ContinuationResultTaskFromResultTask2.InnerInvoke() at System.Threading.Tasks.Task.<>c.<.cctor>b__281_0(Object obj)
0

maliming created 18 days ago
Support Team Fullstack Developer

hi

It seems you are using lower SQL server version. You can try to set the CompatibilityLevel as 120 and try again: https://learn.microsoft.com/en-us/ef/core/what-is-new/ef-core-8.0/breaking-changes#mitigations
0

serhatuysal created 18 days ago

I couldn't find where to make this setting.
0

maliming created 18 days ago
Support Team Fullstack Developer

hi

https://abp.io/support/questions/7232/Running-DBMigrator-in-a-Machine-with-sql-server-2012#answer-3a12b26b-f0e6-38b0-d291-a8801c0b149e
0

serhatuysal created 18 days ago

thank you for your help.
0

maliming created 18 days ago
Support Team Fullstack Developer

: )
0

serhatuysal created 15 days ago

I deployed my project .HttpApi.Host layer in the API subdomain of my hosting. (example: https://api..org) then I deployed my Angular application in the main httpsdocs folder (example: https://**.org) but there is a problem like this GET or POST operations are successful but PUT or DELETE requests are unsuccessful. When I make a request Access to XMLHttpRequest at 'https://api. **.org/api/identity/roles/cc108d9b-01ea-8d7b-b6c7-3a16184fe73a' from origin 'https://****.org' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. I get a 405 Method Not Allowed error what should I check
0

maliming created 15 days ago
Support Team Fullstack Developer

hi

IIS 405 https://mozartec.com/asp-net-core-error-405-methods-not-allowed-for-put-and-delete-requests-when-hosted-on-iis/
0

serhatuysal created 15 days ago

thank you
0

maliming created 15 days ago
Support Team Fullstack Developer

: )

Have an answer to this question? Log in and write your answer.