Click here to Skip to main content
15,883,921 members
Search within:


IIS8 Keyset does not exist
Please Sign up or sign in to vote.
4.11/5 (2 votes)
See more:
IIS
I rebooted our server 2012 box, which hosts our new .net applications. After doing so, I started receiving a 503 error. Upon investigation, it seemed like an identity problem.

Before going much further, I should state that this account has worked for several months now. I've rebooted before, and everything started fine.

So I'm getting the (quite common) 5059, 5057, and 5021 errors in the log. They boil down to this:

Quote:
The identity of application pool SVFileUpload is invalid. The user name or password that is specified for the identity may be incorrect, or the user may not have batch logon rights. If the identity is not corrected, the application pool will be disabled when the application pool receives its first request. If batch logon rights are causing the problem, the identity in the IIS configuration store must be changed after rights have been granted before Windows Process Activation Service (WAS) can retry the logon. If the identity remains invalid after the first request for the application pool is processed, the application pool will be disabled. The data field contains the error number.



I thought I would just ensure the password and account were correct, so I go to the application pool, select identity-> custom and ensure it's set up right. I get an error:

Quote:
There was an error while performing this operation. Details: Keyset does not exist (Exception from HRESULT: 0x80090016)


This was strange to me, so I tried setting the app pool to a built in account, and it worked fine. I get this error anytime I try to set to a custom account. Also, no app pools that are using custom accounts will run.

I googled a bit, unsure which error was the one I needed to track. I have tried:

- registering the account on the command line via the aspnet_ tool
- Making sure the user was in the IIS_IUSRS group
- changing the permissions on C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys file(s)
- adding a completely new user and trying to set an app pool to that users account


There was a couple other random things I tried from googling but I don't remember.



This error doesn't make sense to me, and it seems random. I need help figuring out 1) why I can't set an app pool to a custom account and 2) why the identity isn't working for my applications anymore
Posted
Updated 2-Jul-14 9:18am
v2
Add a Solution
Comments
loctrice 2-Jul-14 15:17pm    
I removed and re-added the user account I've been working with. I think the only problem I'm having now is the "keyset doesn't exit" error.

1 solution

I found a couple of links that led me to a solution.

In c:\windows\system32\inetsrv\config\applicationHost.config I removed all the configProtectedData entries.

Then I removed everything in %ALLUSERSPROFILE%\Microsoft\Crypto\RSA\MachineKeys

I ran iissetup.exe /install SharedLibraries from the inetsrv directory, which resulted in a "Failed = 0x80070005"


I then was able to set up my application pools as if nothing happened.
 
Share this answer
 
Posted
Add a Solution

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

  Print Answers RSS
Top Experts
Last 24hrsThis month

Advertise
Privacy
Cookies
Terms of Use
Last Updated 2 Jul 2014
Layout: fixed | fluid
Copyright © CodeProject, 1999-2024
All Rights Reserved.

Web03 2.8:2024-04-02:1

CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900