ComponentSpace

Forums



Problem Reading .PFX File When Running .Net Core App On Server


Problem Reading .PFX File When Running .Net Core App On Server

Author
Message
MichaelC
MichaelC
New Member
New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)

Group: Forum Members
Posts: 2, Visits: 2
I have managed to get SAML authentication working with my company's IDP in a new .Net Core app (V2.2), but only when running locally out of Visual Studio 2017.  When I publish to our Windows server running IIS, the app works fine (home page loads and other pages render properly) but when I try to authenticate I'm getting this error: ".Initiation of SSO to the partner identity provider has failed. The X.509 certificate could not be loaded from the file D:\www\TrainingAppWeb\WebRoot\wwwroot\certificates\sp.pfx".  I have verified that the file was indeed published to the server.  Is this a permissions problem?

TIA,

Michael C
ComponentSpace
ComponentSpace
ComponentSpace Development
ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)

Group: Administrators
Posts: 3.2K, Visits: 11K
Hi Michael,
It's most likely a permissions error.
Please take a look at the "Certificate File Permissions" section in the Certificate Guide.
The following forum article also has information on certificate file permissions.
https://www.componentspace.com/Forums/29/Troubleshooting-Loading-X509-Certificates
If you're still having problems, you're welcome to enable SAML trace and send the generated log file to [email protected].
https://www.componentspace.com/Forums/7936/Enabling-SAML-Trace


Regards
ComponentSpace Development
MichaelC
MichaelC
New Member
New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)

Group: Forum Members
Posts: 2, Visits: 2
ComponentSpace - 9/9/2019
Hi Michael,
It's most likely a permissions error.
Please take a look at the "Certificate File Permissions" section in the Certificate Guide.
The following forum article also has information on certificate file permissions.
https://www.componentspace.com/Forums/29/Troubleshooting-Loading-X509-Certificates
If you're still having problems, you're welcome to enable SAML trace and send the generated log file to [email protected].
https://www.componentspace.com/Forums/7936/Enabling-SAML-Trace

I got this working by using a certificate already in the certificate store on the server.  The Certificate Guide made this easy to accomplish.  Accessing a .pfx file on my PC is easy, as I have full control over it, but the server needed to have a different configuration, and accessing certificates in the existing store made more sense.
ComponentSpace
ComponentSpace
ComponentSpace Development
ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)

Group: Administrators
Posts: 3.2K, Visits: 11K
Thanks for the update. Yes, using the certificate store often is a better solution. It's certainly easier to set the permissions on a certificate stored in the certificate store.

Regards
ComponentSpace Development
GO


Similar Topics


Execution: 0.000. 3 queries. Compression Enabled.
Login
Existing Account
Email Address:


Password:


Select a Forum....












Forums, Documentation & Knowledge Base - ComponentSpace


Search