.NET Framework Bookmark and Share   
 index > .NET StockTrader Sample Application > Server Error in '/TradeServiceWcf' Application
 

Server Error in '/TradeServiceWcf' Application

The application is currently unable to initialize from it's SQL Server Configuration configuration database, and is unable to start. Please ensure that (a) You have correctly installed the SQL Server database for the configuration database---see the StockTrader installation document; and (b) your connection strings in your config file (web.config for Web applictions and/or exe.config for the Service Host Console applications) are pointing to the correct configuration databases with proper login credentials. The exception is:

System.Configuration.ConfigurationErrorsException: Failed to decrypt using provider 'RsaProtectedConfigurationProvider'. Error message from the provider: The RSA key container could not be opened. (C:\stocktrader\StockTrader\StockTraderBusinessService\StockTraderBusinessServiceIISHosted\TradeWebServiceWcf\web.config line 16) ---> System.Configuration.ConfigurationErrorsException: The RSA key container could not be opened.
at System.Configuration.RsaProtectedConfigurationProvider.ThrowBetterException(Boolean keyMustExist)
at System.Configuration.RsaProtectedConfigurationProvider.GetCryptoServiceProvider(Boolean exportable, Boolean keyMustExist)
at System.Configuration.RsaProtectedConfigurationProvider.Decrypt(XmlNode encryptedNode)
at System.Configuration.ProtectedConfigurationSection.DecryptSection(String encryptedXml, ProtectedConfigurationProvider provider)
at System.Configuration.Internal.InternalConfigHost.System.Configuration.Internal.IInternalConfigHost.DecryptSection(String encryptedXml, ProtectedConfigurationProvider protectionProvider, ProtectedConfigurationSection protectedConfigSection)
at System.Configuration.Internal.DelegatingConfigHost.DecryptSection(String encryptedXml, ProtectedConfigurationProvider protectionProvider, ProtectedConfigurationSection protectedConfigSection)
at System.Configuration.BaseConfigurationRecord.CallHostDecryptSection(String encryptedXml, ProtectedConfigurationProvider protectionProvider, ProtectedConfigurationSection protectedConfig)
at System.Configuration.RuntimeConfigurationRecord.CallHostDecryptSection(String encryptedXml, ProtectedConfigurationProvider protectionProvider, ProtectedConfigurationSection protectedConfig)
at System.Configuration.BaseConfigurationRecord.DecryptConfigSection(ConfigXmlReader reader, ProtectedConfigurationProvider protectionProvider)
--- End of inner exception stack trace ---
at System.Configuration.BaseConfigurationRecord.EvaluateOne(String[] keys, SectionInput input, Boolean isTrusted, FactoryRecord factoryRecord, SectionRecord sectionRecord, Object parentResult)
at System.Configuration.BaseConfigurationRecord.Evaluate(FactoryRecord factoryRecord, SectionRecord sectionRecord, Object parentResult, Boolean getLkg, Boolean getRuntimeObject, Object& result, Object& resultRuntimeObject)
at System.Configuration.BaseConfigurationRecord.GetSectionRecursive(String configKey, Boolean getLkg, Boolean checkPermission, Boolean getRuntimeObject, Boolean requestIsHere, Object& result, Object& resultRuntimeObject)
at System.Configuration.BaseConfigurationRecord.GetSection(String configKey, Boolean getLkg, Boolean checkPermission)
at System.Configuration.BaseConfigurationRecord.GetSection(String configKey)
at System.Web.HttpContext.GetSection(String sectionName)
at System.Web.Configuration.HttpConfigura

ababacar
See http://blogs.msdn.com/mosharaf/archive/2005/11/17/protectedConfiguration.aspxfor detail on encrypting connection strings.

Beginning with the 2.04 release of stocktrader (current version); all connection string information to configuration databases is encrypted within web.config (or app.exe.config) as a security best practice. The way this works in .NET is that on install (you must run the StockTrader MSI installer to properly install all elements of app on a machine, vs. just copying files), all web.config and .exe.config info contained within the <connectionString> section of the various config files for each compoent is encrypted using the local machine account and the built-in .NET framework RSAProtectedConfigurationProvider. Once enrypted using that machine's account on install, only that machine will be able to decrypt the information, by design. The issue you are having is that the account underwhich the ASPNET web apps are running (the application pool's identity) does not have rights to access the key store to decrypt the conn string to the configdatabase. The identity of the app pool for an ASP.NET app can vary, and the defaults are different depending on which version of Windows and/or Windows Server. For Win Server 2003 (not sure which OS you are running); I believe the following command, issued locally on your server, will address this issue:

aspnet_regiis -pa "NetFrameworkConfigurationKey" "ASPNET"

This command says: give the account named ASPNET rights to access the NetFrameworkConfigurationKey store; thus enabling an ASP.NET web app to properly decrypt the connection string info. On Server 2008, Vista and Win7, I have not had to issue any such command becuase the install of IIS/ASP.NET seems to take care of this automatically; and/or on these newer Win editions, due to fact app pools run as account "NetWorkService" and this account already has the required rights...But in any case, try the above command.

-Greg

Greg Leake, Microsoft
Gregory Leake

You can use google to search for other answers

Custom Search

More Threads

• Couldn't login
• Config Services in the Cloud
• Assembly Names
• get data from many file log
• Message Logging at Service Level
• Load Balanced Windows client app - Config & Node service ports
• stock trader Fatal Execution Error
• File System Watcher Issue in Window Services
• Config services for Service Gateway
• The exception encountered was: Invalid object name 'dbo.AccountProfile'
Home          Copyright 2009-2010 by netframeworkdev.com All rights reserved