This is a real-edge case of working on the Windows platform. Beware.
Are you getting this stack trace?
“System.Security.Cryptography.CryptographicException: Error occurred during a cryptographic operation.”
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 |
[CryptographicException: Error occurred during a cryptographic operation.] System.Web.Security.Cryptography.HomogenizingCryptoServiceWrapper.HomogenizeErrors(Func`2 func, Byte[] input) +115 System.Web.Security.Cryptography.HomogenizingCryptoServiceWrapper.Unprotect(Byte[] protectedData) +59 System.Web.Security.MachineKey.Unprotect(ICryptoServiceProvider cryptoServiceProvider, Byte[] protectedData, String[] purposes) +62 System.Web.Security.MachineKey.Unprotect(Byte[] protectedData, String[] purposes) +122 System.IdentityModel.Services.MachineKeyTransform.Decode(Byte[] encoded) +51 System.IdentityModel.Tokens.SessionSecurityTokenHandler.ApplyTransforms(Byte[] cookie, Boolean outbound) +123 System.IdentityModel.Tokens.SessionSecurityTokenHandler.ReadToken(XmlReader reader, SecurityTokenResolver tokenResolver) +575 System.IdentityModel.Tokens.SessionSecurityTokenHandler.ReadToken(Byte[] token, SecurityTokenResolver tokenResolver) +76 System.IdentityModel.Services.SessionAuthenticationModule.ReadSessionTokenFromCookie(Byte[] sessionCookie) +410 System.IdentityModel.Services.SessionAuthenticationModule.TryReadSessionTokenFromCookie(SessionSecurityToken& sessionToken) +187 System.IdentityModel.Services.SessionAuthenticationModule.OnAuthenticateRequest(Object sender, EventArgs eventArgs) +126 System.Web.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +136 System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +69 |
Is it working in Internet Explorer but not in any other browser? Then this post is for you.
This assumes you have a certificate that you have installed yourself. All in PowerShell now, you should be able to find it:
|
1 |
$ ls cert:localmachinemy |
It gives me
|
1 2 |
Thumbprint Subject 89866139B5D499DFD04FE413E89351A9A2B8A922 CN=INDUCTION |
in my case.
But going to https://induction in FireFox crashes. Now try:
|
1 2 3 4 5 6 7 8 |
$ netsh http show sslcert SSL Certificate bindings: ------------------------- IP:port : 0.0.0.0:443 ... Certificate Store Name : (null) ... |
What you need to do in this case, is to re-register the certificate:
|
1 2 |
$ netsh http delete sslcert "ipport=0.0.0.0:443" $ netsh http add sslcert "ipport=0.0.0.0:443" "appid={$appId}" "certhash=$tp" "certstorename=MY" |
$appId is a guid, $tp is the thumbprint (found by doing ‘ls cert:localmachinemy’). The important part here is “certstorename=MY”, because without it, you might get an error in HomogenizingCryptoServiceWrapper.Unprotect – an interesting choice of name for that class for sure.
Now running:
|
1 2 3 4 5 6 7 |
$ netsh http show sslcert SSL Certificate bindings: ------------------------- IP:port : 0.0.0.0:443 ... Certificate Store Name : MY |
Shows the problem to be solved.
Jamie
4 Feb 2013Dude, bailed me out … we had the exact same problem with a ThinkTexture installation and your instructions fixed it for us.
Thank you and keep posting!
J
Laith Abbas
25 Sep 2014Jamie.. it still doesn’t work!!
What did you do?
Pingback: ThinkTexture Error occurred during a cryptographic operation « Korez73
Gianpiero
15 Oct 2013For me the symptom was identical but the solution has been different.
I followed your instruction all all was OK for me so I analysed the code finding out that the error was thrown by an auto login method trying to decrypt a cookie.
So I patched my code trapping the exception and deleting the cookie that was no more decryptable forcing the user to insert user/pwd again.
The error occurred after an important Microsoft update occurred in October 2013 that probably updated some decrypting algorithm.
Nicholas Lydon
13 Feb 2014I develop using Chrome, so when I got this exception I tried IE and it looked fine. What actually resolved it for me was just clearing the cookies in Chrome.
Humberto
14 Oct 2014Clearing cookies in Chrome also fixed it for me.
Zain
27 Nov 2014I downloaded a plugin for chrome called EditThisCookie.
It allowed me to delete the Cookie for JUST that site.
Bill Sorensen
24 Apr 2015Are you sure you don’t mean ls cert:localmachine/my (note the slash)?
Mei
19 Nov 2015Thank you so much!!! You really help me a lot!!!