I have an ASP.NET web app running on my STAGE server (Windows 2003 server with IIS 6).
I've started using Google Analytics Core Reporting API in my application, and it worked great on my DEV box (Windows 7 / IIS 7.5)
As I moved my code to STAGE server, I started getting "The system cannot find the file specified" exception; the solution was to load the user profile with the App Pool identity, but IIS 6 does not have that feature.
I've found a work-around for IIS 6, which was to give the App Pool account Read/Write permissions on
C:\Document and Settings\All Users\Application Data\Microsoft\Crypto\RSA\Machine Keys
When I set the permissions, I've applied them to all child entities (via Advanced option); not only this didn't fix the error; but it also broke the SSL connection to my site.
I get Error 107 (net::ERR_SSL_PROTOCOL_ERROR): SSL protocol error.
; non-SSL url works just fine.
My question is how to restore the proper permissions on C:\Document and Settings\All Users\Application Data\Microsoft\Crypto\RSA\Machine Keys
and fix my SSL connection?
Any other suggestions on fixing my SSL connection would be appreciated.
I gave up on fixing the issue, since I was moving the application to a different server anyways; and it didn't look like any other applications were affected.
Then I restarted IIS, and all hell broke loose.
IIS was not starting back up; IIS Admin Service
was not starting with "Error 6: Handle is invalid".
That error helped me to get to the bottom of the issue, and find the correct permissions on the MachineKeys
folder.
This article pointed me to Default permissions for the MachineKeys folders - KB 278381 which had the correct permissions.
NOTE: KB article states that Everyone
should have Special Permissions
on This folder only
; yet sharepoint-geek's article suggests applying those permissions to This folder, subfolders, and files
(which I did).
Once the permissions were fixed, iisreset
worked and even my SSL issue was resolved.
Hope this saves somebody hours of frustration.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With