Question

Exception when testing Identity Service Connect token via Postman 'the system cannot find the path specified'

Hello everyone,
I have set up and configured Identity Service in IIS and now I am trying to test it in Postman (https://identityservice_url/connect/token).
 
I am getting the following exception in identity service log:
 
IdentityServer4.Hosting.IdentityServerMiddleware[0]
     Unhandled exception: The system cannot find the file specified.
     Internal.Cryptography.CryptoThrowHelper+WindowsCryptographicException: The system cannot find the file specified.
        at System.Security.Cryptography.CngKey.Open(String keyName, CngProvider provider, CngKeyOpenOptions openOptions)
        at System.Security.Cryptography.CngKey.Open(String keyName, CngProvider provider)
        at Internal.Cryptography.Pal.CertificatePal.GetPrivateKey[T](Func`2 createCsp, Func`2 createCng)
        at Internal.Cryptography.Pal.CertificatePal.GetRSAPrivateKey()
        at Internal.Cryptography.Pal.CertificateExtensionsCommon.GetPrivateKey[T](X509Certificate2 certificate, Predicate`1 matchesConstraints)
        at System.Security.Cryptography.X509Certificates.RSACertificateExtensions.GetRSAPrivateKey(X509Certificate2 certificate)
        at Microsoft.IdentityModel.Tokens.X509SecurityKey.get_PrivateKey()
        at Microsoft.IdentityModel.Tokens.X509SecurityKey.get_PrivateKeyStatus()
        at Microsoft.IdentityModel.Tokens.AsymmetricSignatureProvider.FoundPrivateKey(SecurityKey key)
        at Microsoft.IdentityModel.Tokens.AsymmetricSignatureProvider..ctor(SecurityKey key, String algorithm, Boolean willCreateSignatures)
        at Microsoft.IdentityModel.Tokens.AsymmetricSignatureProvider..ctor(SecurityKey key, String algorithm, Boolean willCreateSignatures, CryptoProviderFactory cryptoProviderFactory)
        at Microsoft.IdentityModel.Tokens.CryptoProviderFactory.CreateSignatureProvider(SecurityKey key, String algorithm, Boolean willCreateSignatures, Boolean cacheProvider)
        at Microsoft.IdentityModel.Tokens.CryptoProviderFactory.CreateForSigning(SecurityKey key, String algorithm, Boolean cacheProvider)
        at Microsoft.IdentityModel.Tokens.CryptoProviderFactory.CreateForSigning(SecurityKey key, String algorithm)
        at Microsoft.IdentityModel.JsonWebTokens.JwtTokenUtilities.CreateEncodedSignature(String input, SigningCredentials signingCredentials)
        at Microsoft.IdentityModel.JsonWebTokens.JsonWebTokenHandler.CreateTokenPrivate(String payload, SigningCredentials signingCredentials, EncryptingCredentials encryptingCredentials, String compressionAlgorithm, IDictionary`2 additionalHeaderClaims, IDictionary`2 additionalInnerHeaderClaims, String tokenType)
        at Microsoft.IdentityModel.JsonWebTokens.JsonWebTokenHandler.CreateToken(String payload, SigningCredentials signingCredentials, IDictionary`2 additionalHeaderClaims)
        at IdentityServer4.Services.DefaultTokenCreationService.CreateJwtAsync(Token token, String payload, Dictionary`2 headerElements)
        at IdentityServer4.Services.DefaultTokenCreationService.CreateTokenAsync(Token token)
        at IdentityServer4.Services.DefaultTokenService.CreateSecurityTokenAsync(Token token)
        at IdentityServer4.ResponseHandling.TokenResponseGenerator.CreateAccessTokenAsync(ValidatedTokenRequest request)
        at IdentityServer4.ResponseHandling.TokenResponseGenerator.ProcessTokenRequestAsync(TokenRequestValidationResult validationResult)
        at IdentityServer4.ResponseHandling.TokenResponseGenerator.ProcessAsync(TokenRequestValidationResult request)
        at IdentityServer4.Endpoints.TokenEndpoint.ProcessTokenRequestAsync(HttpContext context)
        at IdentityServer4.Endpoints.TokenEndpoint.ProcessAsync(HttpContext context)
        at IdentityServer4.Hosting.IdentityServerMiddleware.Invoke(HttpContext context, IEndpointRouter router, IUserSession session, IEventService events, IBackChannelLogoutService backChannelLogoutService)
fail: Microsoft.AspNetCore.Diagnostics.ExceptionHandlerMiddleware[1]
     An unhandled exception has occurred while executing the request.
     Internal.Cryptography.CryptoThrowHelper+WindowsCryptographicException: The system cannot find the file specified.
        at System.Security.Cryptography.CngKey.Open(String keyName, CngProvider provider, CngKeyOpenOptions openOptions)
        at System.Security.Cryptography.CngKey.Open(String keyName, CngProvider provider)
        at Internal.Cryptography.Pal.CertificatePal.GetPrivateKey[T](Func`2 createCsp, Func`2 createCng)
        at Internal.Cryptography.Pal.CertificatePal.GetRSAPrivateKey()
        at Internal.Cryptography.Pal.CertificateExtensionsCommon.GetPrivateKey[T](X509Certificate2 certificate, Predicate`1 matchesConstraints)
        at System.Security.Cryptography.X509Certificates.RSACertificateExtensions.GetRSAPrivateKey(X509Certificate2 certificate)
        at Microsoft.IdentityModel.Tokens.X509SecurityKey.get_PrivateKey()
        at Microsoft.IdentityModel.Tokens.X509SecurityKey.get_PrivateKeyStatus()
        at Microsoft.IdentityModel.Tokens.AsymmetricSignatureProvider.FoundPrivateKey(SecurityKey key)
        at Microsoft.IdentityModel.Tokens.AsymmetricSignatureProvider..ctor(SecurityKey key, String algorithm, Boolean willCreateSignatures)
        at Microsoft.IdentityModel.Tokens.AsymmetricSignatureProvider..ctor(SecurityKey key, String algorithm, Boolean willCreateSignatures, CryptoProviderFactory cryptoProviderFactory)
        at 
 
Does someone know why this might be happening?
 
I am attaching a screenshot of the appsettings.json file
2 comments

Screenshot of appsettings.json

Hello!

 

To test the identity service, run it and test it at http://[path-to-identity]/.well-known/openid-configuration

 

This is mentioned here in the documentation. Usually the following helps to fix this issue:

For the IdentityService application pool, the pool setting ProcessModel -> Load User Profile = true must be specified.
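
The setting named in the comment above can be checked and applied from an elevated PowerShell session on the IIS host. This is an added example, not part of the original thread; the pool name `IdentityService` is an assumption taken from the comment's wording, and the script relies on the WebAdministration module that ships with IIS.

```powershell
# Added example, not from the original thread.
# Assumption: the Identity Service site runs in a pool named 'IdentityService'.
Import-Module WebAdministration

$poolName = 'IdentityService'          # assumed pool name, adjust to your host
$poolPath = "IIS:\AppPools\$poolName"

if (-not (Test-Path $poolPath)) {
    $known = (Get-ChildItem IIS:\AppPools).Name -join ', '
    throw "Application pool '$poolName' not found. Existing pools: $known"
}

# Record which identity the worker process runs as and whether its profile
# is loaded, so the change is visible in the console history.
$pm = Get-ItemProperty -Path $poolPath -Name processModel
Write-Host "Identity type     : $($pm.identityType)"
Write-Host "Load user profile : $($pm.loadUserProfile)"

if (-not $pm.loadUserProfile) {
    # Equivalent to Advanced Settings -> Process Model -> Load User Profile = True
    Set-ItemProperty -Path $poolPath -Name processModel.loadUserProfile -Value $true

    # The setting only applies to a new worker process, so recycle the pool.
    if ((Get-WebAppPoolState -Name $poolName).Value -eq 'Started') {
        Restart-WebAppPool -Name $poolName
    } else {
        Start-WebAppPool -Name $poolName
    }
}

# Read the value back instead of trusting the write.
$after = (Get-ItemProperty -Path $poolPath -Name processModel).loadUserProfile
if (-not $after) {
    throw "loadUserProfile is still false on '$poolName'"
}
Write-Host "loadUserProfile is enabled on '$poolName'; retry the /connect/token request."
```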
