Friday, July 20, 2018

Sitecore Identity Server - CryptographicException Keyset does not exist

During an upgrade of  a Sitecore Experience Commerce instance from update 1 to update 2, the identity server started to display the following error when attempting to get a token via Postman.
Unhandled exception: "System.Security.Cryptography.CryptographicException: Keyset does not exist
This is a permissions issue in relation to the certificate used on the identity server. To resolve this issue:

  1. Open a Command Prompt window.
  2. Type mmc and press the enter key. 
  3. On the File menu, click Add/Remove Snap In.
  4. Click Add.
  5. In the Add Standalone Snap-in dialog box, select Certificates.
  6. Click Add.
  7. In the Certificates snap-in dialog box, select Computer account and click Next. Optionally, you can select My User account or Service account. If you are not an administrator of the computer, you can manage certificates only for your user account.
  8. In the Select Computer dialog box, click Finish.
  9. In the Add Standalone Snap-in dialog box, click Close.
  10. On the Add/Remove Snap-in dialog box, click OK.
  11. In the Console Root window, click Certificates (Local Computer) to view the certificate stores for the computer.
  12. Locate the certificate used on the identity server site
  13. Right click the certificate
  14. Select All Tasks
  15. Select Manage Private Keys
  16. Add the identity of the application pool of the identity server and select Ok
The error should no longer occur.

Apply permissions to a certificate

No comments:

Post a Comment