Hi,
We have created a Provider Hosted app and we are able to invoke the same from the IIS Express.
The AppManifest.xml file contains the appweburl as ~remoteappweburl/Pages/Default.aspx.
I have Published the appweb in IIS and i have changed the Url of the appweb like
http://localhost:PortNo:/AppInvoking/Virtualdirectory/Pages/Default.aspx.
When i click on the App Title i am getting System.Cyptography Acess denied issue for the X509 Certificate.
This issue is popping up from the TokenHelper.TrustAllCertificates method.
I have provided permissions to the RSA Machine Keys folders as provided in many blogs.
But still i am not able to invoke the appweb from IISWebServer.
Please let me know your thoughts.
I have observerd few things while troubleshooting the issue.
We tried remote debugging of high trust app that hosted on IIS server(not express) .
we have identified below things.
During debug process we found null value for app id/client id in token helper class though we give
the app id value in web.config .
We went to virtual directory folder on IIS after publishing of .Net web and verified the web.config file
and came to know that Client Id and Client Secret values are found "empty" there .
Basically after publishing the .Net project on IIS from VS 2012 the above two values are getting
disappeared in web.config of virtual directory though we have specified in our solution web.config(Whether its the expected behavoir) while publishing the appweb . I
hope this is the reason why high trust app is failing to talk to SharePoint server from IIS Server .
Once I manually entered the client id value on web.config in virtual directory now its failing with
Access denied error in line 521 of TokenHelper Class file.
private static X509Certificate2 ClientCertificate = (string.IsNullOrEmpty(ClientSigningCertificatePath) || string.IsNullOrEmpty(ClientSigningCertificatePassword)) ? null : new X509Certificate2(ClientSigningCertificatePath, ClientSigningCertificatePassword);
But when i use Quick Watch i am able to see all the attributes available in the TokenHelper Class including CertificatePath and Password.
I am not sure why its failing.Please let me know if anybody faced this issue earlier.
Exception information:
Exception type: TypeInitializationException
Exception message: The type initializer for 'MyStore.TokenHelper' threw an exception.
at MyStore.TokenHelper.TrustAllCertificates()
at MyStore._Default.Page_Load(Object sender, EventArgs e) in c:\Users\Administrator\Documents\Visual Studio 2012\Projects\MyStore\MyStore\Default.aspx.cs:line 15
at System.Web.UI.Control.LoadRecursive()
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
Access is denied.
at System.Security.Cryptography.CryptographicException.ThrowCryptographicException(Int32 hr)
at System.Security.Cryptography.X509Certificates.X509Utils._QueryCertFileType(String fileName)
at System.Security.Cryptography.X509Certificates.X509Certificate.LoadCertificateFromFile(String fileName, Object password, X509KeyStorageFlags keyStorageFlags)
at System.Security.Cryptography.X509Certificates.X509Certificate2..ctor(String fileName, String password)
at MyStore.TokenHelper..cctor() in c:\Users\Administrator\Documents\Visual Studio 2012\Projects\MyStore\MyStore\TokenHelper.cs:line 521
Thanks, Vijay Arul Lourdu