- ABP Framework version: v8.3.1
- UI Type: Angular
- Database System: EF Core (SQL Server)
- Tiered (for MVC) or Auth Server Separated (for Angular): no
Volo.Abp.AbpInitializationException: An error occurred during ConfigureServicesAsync phase of the module Volo.Abp.OpenIddict.AbpOpenIddictAspNetCoreModule, Volo.Abp.OpenIddict.AspNetCore, Version=8.3.1.0, Culture=neutral, PublicKeyToken=null. See the inner exception for details. ---> System.Security.Cryptography.CryptographicException: The system cannot find the file specified. at System.Security.Cryptography.X509Certificates.CertificatePal.FilterPFXStore(ReadOnlySpan
1 rawData, SafePasswordHandle password, PfxCertStoreFlags pfxCertStoreFlags) at System.Security.Cryptography.X509Certificates.CertificatePal.FromBlobOrFile(ReadOnlySpan1 rawData, String fileName, SafePasswordHandle password, X509KeyStorageFlags keyStorageFlags) at System.Security.Cryptography.X509Certificates.X509Certificate..ctor(String fileName, String password, X509KeyStorageFlags keyStorageFlags) at System.Security.Cryptography.X509Certificates.X509Certificate2..ctor(String fileName, String password, X509KeyStorageFlags keyStorageFlags)
I am encountering an error in the function. My research indicates that the 'Load User Profile' setting in the IIS application pool should be set to true. However, as the project is hosted with a hosting provider, the company representatives informed me that this setting cannot be changed in shared hosting services. Could you suggest an alternative solution?
14 Answer(s)
-
0
hi
You can use your
openiddict.pfxfile.dotnet dev-certs https -v -ep openiddict.pfx -p 00000000-0000-0000-0000-000000000000See https://abp.io/docs/latest/deployment/configuring-openiddict
-
0
merhaba
openiddict.pfxdosyanızı kullanabilirsiniz.dotnet dev-certs https -v -ep openiddict.pfx -p 00000000-0000-0000-0000-000000000000Bkz. https://abp.io/docs/latest/deployment/configuring-openiddict
Yes, I already followed the steps here and made the necessary adjustments, but the result did not change.
-
0
dotnet dev-certs https -v -ep openiddict.pfx -p bf6bc8cb-7dd5-43bc-beba-c5bbaf0f78a4
after
When we encountered the same issue with projects hosted on our own servers, setting the 'Load User Profile' option to 'true' in the IIS pool resolved the problem. However, we now need to deploy our application with a hosting provider, and they have informed us that they cannot change this setting
-
0
hi
Try to specify the
X509KeyStorageFlagsserverBuilder.AddProductionEncryptionAndSigningCertificate("openiddict.pfx", "bf6bc8cb-7dd5-43bc-beba-c5bbaf0f78a4", X509KeyStorageFlags.PersistKeySet | X509KeyStorageFlags.MachineKeySet | X509KeyStorageFlags.EphemeralKeySet); -
0
-
0
hi
But this extension method has three arguments. You can copy the source code of this method.
using System.IO; using System.Security.Cryptography.X509Certificates; namespace Microsoft.Extensions.DependencyInjection; public static class OpenIddictServerBuilderExtensions { public static OpenIddictServerBuilder AddProductionEncryptionAndSigningCertificate(this OpenIddictServerBuilder builder, string fileName, string passPhrase, X509KeyStorageFlags? flag = null) { if (!File.Exists(fileName)) { throw new FileNotFoundException($"Signing Certificate couldn't found: {fileName}"); } var certificate = flag != null ? new X509Certificate2(fileName, passPhrase, flag.Value) : new X509Certificate2(fileName, passPhrase); builder.AddSigningCertificate(certificate); builder.AddEncryptionCertificate(certificate); return builder; } } -
0
okay,
I changed the codes like this, the error message changed
Volo.Abp.AbpInitializationException: An error occurred during ConfigureServicesAsync phase of the module Volo.Abp.OpenIddict.AbpOpenIddictAspNetCoreModule, Volo.Abp.OpenIddict.AspNetCore, Version=8.3.1.0, Culture=neutral, PublicKeyToken=null. See the inner exception for details. ---> System.ArgumentException: The flags 'PersistKeySet, EphemeralKeySet' may not be specified together. (Parameter 'keyStorageFlags') at System.Security.Cryptography.X509Certificates.X509Certificate.ValidateKeyStorageFlags(X509KeyStorageFlags keyStorageFlags) at System.Security.Cryptography.X509Certificates.X509Certificate..ctor(String fileName, String password, X509KeyStorageFlags keyStorageFlags) at System.Security.Cryptography.X509Certificates.X509Certificate2..ctor(String fileName, String password, X509KeyStorageFlags keyStorageFlags)
-
0
sorry for that
Can you try to use the
X509KeyStorageFlags.MachineKeySet | X509KeyStorageFlags.PersistKeySetOr
X509KeyStorageFlags.MachineKeySet | X509KeyStorageFlags.EphemeralKeySet -
0
Using X509KeyStorageFlags.MachineKeySet | X509KeyStorageFlags.EphemeralKeySet solved the problem but now another unrelated error occurs
[12:04:25 INF] Executed endpoint '/Account/Login' [12:04:26 ERR] An unhandled exception has occurred while executing the request. Microsoft.Data.SqlClient.SqlException (0x80131904): Incorrect syntax near the keyword 'WITH'. Incorrect syntax near the keyword 'with'. If this statement is a common table expression, an xmlnamespaces clause or a change tracking context clause, the previous statement must be terminated with a semicolon. at Microsoft.Data.SqlClient.SqlCommand.<>c.<ExecuteDbDataReaderAsync>b__211_0(Task
1 result) at System.Threading.Tasks.ContinuationResultTaskFromResultTask2.InnerInvoke() at System.Threading.Tasks.Task.<>c.<.cctor>b__281_0(Object obj) -
0
hi
It seems you are using lower SQL server version. You can try to set the
CompatibilityLevel as 120and try again: https://learn.microsoft.com/en-us/ef/core/what-is-new/ef-core-8.0/breaking-changes#mitigations -
0
I couldn't find where to make this setting.
-
0
hi
https://abp.io/support/questions/7232/Running-DBMigrator-in-a-Machine-with-sql-server-2012#answer-3a12b26b-f0e6-38b0-d291-a8801c0b149e
-
0
thank you for your help.
-
0
: )
