Share via

System.Security.Cryptography.CryptographicException: Invalid provider type specified in WCF Web Services in Azure App Service

Sicoy Quito 21 Reputation points
2022-04-05T20:11:44.197+00:00

I have a WCF Web Services in Azure App Service , this WCF use a dll with RSA objects, WCF and dll were build in .NET Framework and C#. I tried use: 

RSACryptoServiceProvider rsaCryptoServiceProviderPrivateKey = (RSACryptoServiceProvider)p_x509Certificate2.PrivateKey;

and: 

RSA rsaPrivateKey = p_x509Certificate2.GetRSAPrivateKey();

but I have this error:

System.Security.Cryptography.CryptographicException: Invalid provider type specified.

at System.Security.Cryptography.Utils.CreateProvHandle(CspParameters parameters, Boolean randomKeyContainer)
at System.Security.Cryptography.Utils.GetKeyPairHelper(CspAlgorithmType keyType, CspParameters parameters, Boolean randomKeyContainer, Int32 dwKeySize, SafeProvHandle& safeProvHandle, SafeKeyHandle& safeKeyHandle)
at System.Security.Cryptography.RSACryptoServiceProvider.GetKeyPair()
at System.Security.Cryptography.RSACryptoServiceProvider..ctor(Int32 dwKeySize, CspParameters parameters, Boolean useDefaultKeySize)
at System.Security.Cryptography.X509Certificates.X509Certificate2.get_PrivateKey()

The Azure App Service configuration:

190288-image.png

How I can fix this problem?

Note: I only use X509Certificate2 file content, I do not have a file .pfx or .p12 in a physically store.

Thanks.

Developer technologies | .NET | Other
Developer technologies | ASP.NET | Other
Developer technologies | C#
Developer technologies | C#

An object-oriented and type-safe programming language that has its roots in the C family of languages and includes support for component-oriented programming.

0 comments
Answer accepted by question author
  1. Lan Huang-MSFT 30,211 Reputation points Microsoft External Staff
    2022-04-06T02:55:49.687+00:00

    Hi @Sicoy Quito ,
    You can try the following code to instantiate X509Certificate, used with GetRSAPrivateKey().
    You can also try changing the permissions of the folder 

    x509Certificate = new X509Certificate2(rawData, password, X509KeyStorageFlags.MachineKeySet | X509KeyStorageFlags.PersistKeySet | X509KeyStorageFlags.Exportable);

    Best regards,
    Lan Huang

    2 people found this answer helpful.

1 additional answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Anonymous
    2022-12-12T03:15:48.543+00:00

    I also had the same problem - I was able to solve only by importing the PFX into the local machine certificate store then re-exporting (with private key). But then I had to change my code to use UserKeySet instead of MachineKeySet (or it would throw an "Access denied" error just trying to create the X509Certificate, vs the previous error that occurred only when accessing the PrivateKey member).

    0 comments

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.