We are using Azure ACS together with WIF on a Win2003 R2 server running ASP.NET 3.5, and we receive the following exception once Azure ACS redirects back to our site:
Exception information:
Exception type: CryptographicException
Exception message: The system cannot find the file specified.
at System.Security.Cryptography.ProtectedData.Protect(Byte[] userData, Byte[] optionalEntropy, DataProtectionScope scope)
at Microsoft.IdentityModel.Web.ProtectedDataCookieTransform.Encode(Byte[] value)
From research it seems the AppPool Identity we are running the website under in IIS 6 might not have access to the relevant cryptographic keys; however, we have not found a workaround.
The resolution turned out to be as per another post: we had to create a simple Windows Service which runs under the same account as our App Pool on Windows 2003 R2.