So for the past few hours, I’ve been trying to hunt down the source of an error in a .NET 4.0 web application running on IIS. The error we were getting was something along these lines when attempting to log in to the web app, which uses the Cryptography Next Generation functions:
Object was not found.
System.Security.Cryptography.CryptographicException: Object was not found.
   at System.Security.Cryptography.NCryptNative.CreatePersistedKey(SafeNCryptProviderHandle provider, String algorithm, String name, CngKeyCreationOptions options)
   at System.Security.Cryptography.CngKey.Create(CngAlgorithm algorithm, String keyName, CngKeyCreationParameters creationParameters)
   at System.Security.Cryptography.ECDiffieHellmanCng.get_Key()
   at System.Security.Cryptography.ECDiffieHellmanCng.DeriveKeyMaterial(CngKey otherPartyPublicKey)
   at System.Security.Cryptography.ECDiffieHellmanCng.DeriveKeyMaterial(ECDiffieHellmanPublicKey otherPartyPublicKey)
   at AfeWebClient.Login.LoginButton_Click(Object sender, EventArgs e)
It took a good two and a half to three hours to figure this one out (my google-fu finally won!).
This can be fixed by doing the following:
1. Go into IIS and select the application pool that the web app is running under. Right-click -> Advanced Settings
2. Under the Process Model heading, look at the Load User Profile setting and set it to True.
3. (You may need to restart IIS, and re-load the web page.)
I’m not entirely sure what that setting does, but it seemed to fix the problem. The little blurb about the setting talks about it behaving like IIS 6.0. We haven’t tried this yet on IIS 6.0, but to get things working on IIS 7, this did the trick.
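The same change can be scripted, which helps when several servers or pools need it. The PowerShell below is an added example, not part of the original post: it assumes the WebAdministration module is available (IIS 7.5 or later), an elevated prompt, and a placeholder pool name `MyAppPool`. It recycles only the affected pool instead of restarting all of IIS, on the assumption that this is enough for the new worker process to pick up the setting.

```powershell
# Added example: scripted form of steps 1-3 above (not the original author's code).
param(
    [string]$PoolName = 'MyAppPool'   # placeholder (assumption): your pool's name
)

Import-Module WebAdministration      # IIS PowerShell provider; run elevated

$poolPath = "IIS:\AppPools\$PoolName"
if (-not (Test-Path $poolPath)) {
    throw "Application pool '$PoolName' was not found."
}

# Report identity and Load User Profile for every pool, so other pools
# hosting CNG-based code with the setting off are visible as well.
Get-ChildItem IIS:\AppPools |
    Select-Object Name,
        @{ n = 'Identity';        e = { $_.processModel.identityType } },
        @{ n = 'LoadUserProfile'; e = { $_.processModel.loadUserProfile } } |
    Format-Table -AutoSize

# Step 2: Process Model -> Load User Profile = True
$pool = Get-Item $poolPath
if ($pool.processModel.loadUserProfile) {
    Write-Host "'$PoolName' already has Load User Profile set to True."
} else {
    Set-ItemProperty $poolPath -Name processModel.loadUserProfile -Value $true
    Write-Host "Set Load User Profile to True on '$PoolName'."
}

# Step 3 (narrowed): recycle just this pool so its worker process restarts
# with the user profile loaded; start it if it was stopped.
if ((Get-WebAppPoolState -Name $PoolName).Value -eq 'Started') {
    Restart-WebAppPool -Name $PoolName
} else {
    Start-WebAppPool -Name $PoolName
}
```

The setting is stored as the `loadUserProfile` attribute of the pool's `processModel` element in applicationHost.config, so it can also be checked there during a configuration review.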