Our Blog

Azure – while trying to read pfx (certificate) from disk I came across a number of issues, but thought this might help some out.

The fix was adding the final parameter X509KeyStorageFlags

var cert = new X509Certificate2($"{Environment.ContentRootPath}/App_Data/mycert.pfx", "{password}", X509KeyStorageFlags.MachineKeySet);



Other references:
https://support.microsoft.com/en-us/help/950090/installing-a-pfx-file-using-x509certificate-from-a-standard-net-applic
https://stackoverflow.com/questions/52750160/what-is-the-rationale-for-all-the-different-x509keystorageflags

An unhandled exception occurred while processing the request.
WindowsCryptographicException: The system cannot find the file specified.
System.Security.Cryptography.CngKey.Open(string keyName, CngProvider provider, CngKeyOpenOptions openOptions)

Exception: An error was encountered while handling the remote login.
Microsoft.AspNetCore.Authentication.RemoteAuthenticationHandler<TOptions>.HandleRequestAsync()

Stack Query Cookies Headers Routing
WindowsCryptographicException: The system cannot find the file specified.
System.Security.Cryptography.CngKey.Open(string keyName, CngProvider provider, CngKeyOpenOptions openOptions)
System.Security.Cryptography.CngKey.Open(string keyName, CngProvider provider)
Internal.Cryptography.Pal.CertificatePal.GetPrivateKey<T>(Func<CspParameters, T> createCsp, Func<CngKey, T> createCng)
Internal.Cryptography.Pal.CertificatePal.GetRSAPrivateKey()
System.Security.Cryptography.X509Certificates.X509Certificate2.get_PrivateKey()
Microsoft.IdentityModel.Tokens.X509SecurityKey.get_PrivateKey()
Microsoft.IdentityModel.Tokens.X509SecurityKey.get_PrivateKeyStatus()
Microsoft.IdentityModel.Tokens.AsymmetricSignatureProvider.FoundPrivateKey(SecurityKey key)
Microsoft.IdentityModel.Tokens.AsymmetricSignatureProvider..ctor(SecurityKey key, string algorithm, bool willCreateSignatures)
Microsoft.IdentityModel.Tokens.AsymmetricSignatureProvider..ctor(SecurityKey key, string algorithm, bool willCreateSignatures, CryptoProviderFactory cryptoProviderFactory)
Microsoft.IdentityModel.Tokens.CryptoProviderFactory.CreateSignatureProvider(SecurityKey key, string algorithm, bool willCreateSignatures)
Microsoft.IdentityModel.Tokens.CryptoProviderFactory.CreateForSigning(SecurityKey key, string algorithm)
Microsoft.IdentityModel.JsonWebTokens.JwtTokenUtilities.CreateEncodedSignature(string input, SigningCredentials signingCredentials)
System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler.WriteToken(SecurityToken token)
Sample.Idp.Startup+<>c__DisplayClass7_0.<ConfigureServices>b__8(AuthorizationCodeReceivedContext context) in Startup.cs
Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectEvents.AuthorizationCodeReceived(AuthorizationCodeReceivedContext context)
Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler.RunAuthorizationCodeReceivedEventAsync(OpenIdConnectMessage authorizationResponse, ClaimsPrincipal user, AuthenticationProperties properties, JwtSecurityToken jwt)
Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler.HandleRemoteAuthenticateAsync()

image

Using JetBrains Rider using IIS Express to run asp.net core 3.1 web application, my httpcontext was null and had issues getting request bodies etc.  The exception message was

Synchronous operations are disallowed. Call ReadAsync or set AllowSynchronousIO to true instead.

I could run the application with Visual Studio 2019 without any issue (on IIS Express), definitely confusing.

The issue was related to the following..

https://github.com/dotnet/aspnetcore/issues/8302

https://github.com/dotnet/aspnetcore/issues/7644


The solution…

public void ConfigureServices(IServiceCollection services)
{
    // If using Kestrel:
    services.Configure<KestrelServerOptions>(options =>
    {
        options.AllowSynchronousIO = true;
    });

    // If using IIS:
    services.Configure<IISServerOptions>(options =>
    {
        options.AllowSynchronousIO = true;
    });
}

About Us

Web/Mobile Solutions

Our Contacts

Cincinnati, OH 45069