Search code examples
visual-studioideiis-express

m_safeCertContext is an invalid handle - why does my code work in production but not in dev environment?

After I enabled HTTPS in my project, I started to receive an error page with this error: m_safeCertContext is an invalid handle

The code runs great in production on the web server.

I am running Visual Studio 2017 15.3.0.

I have updated sslFlags to <access sslFlags="SslNegotiateCert" /> and I have ensured iisClientCertificateMappingAuthentication is set to <iisClientCertificateMappingAuthentication enabled="true"></iisClientCertificateMappingAuthentication>

The below are my IIS Express application pool settings:

<applicationPools>
            <add name="Clr4IntegratedAppPool" managedRuntimeVersion="v4.0" managedPipelineMode="Integrated" CLRConfigFile="%IIS_USER_HOME%\config\aspnet.config" autoStart="true" />
            <add name="Clr4ClassicAppPool" managedRuntimeVersion="v4.0" managedPipelineMode="Classic" CLRConfigFile="%IIS_USER_HOME%\config\aspnet.config" autoStart="true" />
            <add name="Clr2IntegratedAppPool" managedRuntimeVersion="v2.0" managedPipelineMode="Integrated" CLRConfigFile="%IIS_USER_HOME%\config\aspnet.config" autoStart="true" />
            <add name="Clr2ClassicAppPool" managedRuntimeVersion="v2.0" managedPipelineMode="Classic" CLRConfigFile="%IIS_USER_HOME%\config\aspnet.config" autoStart="true" />
            <add name="UnmanagedClassicAppPool" managedRuntimeVersion="" managedPipelineMode="Classic" autoStart="true" />
            <applicationPoolDefaults managedRuntimeLoader="v4.0">
                <processModel loadUserProfile="true" />                                
            </applicationPoolDefaults>
</applicationPools>

full text from error page:

Server Error in '/' Application.
m_safeCertContext is an invalid handle.
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

Exception Details: System.Security.Cryptography.CryptographicException: m_safeCertContext is an invalid handle.

Source Error:


Line 383:                    HttpClientCertificate httpCert = HttpContext.Current.Request.ClientCertificate;
Line 384:                    X509Certificate2 x509Cert = new X509Certificate2(httpCert.Certificate);
Line 385:                    _subject = x509Cert.Subject;
Line 386:                    _sCustomerId = CustomerQueries.getCustomerId(_subject);
Line 387:                    LoadCustomerAttributes(CustomerQueries.getCustomerAttributes(_sCustomerId));

Source File: C:\$TFS\Reports\Projects\WebMaster\Customers\Classes\Customer.cs    Line: 385

Stack Trace:


[CryptographicException: m_safeCertContext is an invalid handle.]
   System.Security.Cryptography.X509Certificates.X509Certificate.ThrowIfContextInvalid() +12505161
   System.Security.Cryptography.X509Certificates.X509Certificate.get_Subject() +14
   ReportsRG.Projects.WebMaster.Customers.Classes.Customer.GetUserDataFromCertificate() in C:\$TFS\SMRT\Dev\ReportsRG\Projects\WebMaster\Customers\Classes\Customer.cs:385
   ReportsRG.Projects.WebMaster.Customers.Classes.Customer..ctor() in C:\$TFS\SMRT\Dev\ReportsRG\Projects\WebMaster\Customers\Classes\Customer.cs:322
   MVCPages.Controllers.SmrtController.Index() in C:\$TFS\SMRT\Dev\MVCPages\Controllers\SmrtController.cs:39
   lambda_method(Closure , ControllerBase , Object[] ) +61
   System.Web.Mvc.ActionMethodDispatcher.Execute(ControllerBase controller, Object[] parameters) +14
   System.Web.Mvc.ReflectedActionDescriptor.Execute(ControllerContext controllerContext, IDictionary`2 parameters) +157
   System.Web.Mvc.ControllerActionInvoker.InvokeActionMethod(ControllerContext controllerContext, ActionDescriptor actionDescriptor, IDictionary`2 parameters) +27
   System.Web.Mvc.Async.<>c.<BeginInvokeSynchronousActionMethod>b__9_0(IAsyncResult asyncResult, ActionInvocation innerInvokeState) +22
   System.Web.Mvc.Async.WrappedAsyncResult`2.CallEndDelegate(IAsyncResult asyncResult) +29
   System.Web.Mvc.Async.WrappedAsyncResultBase`1.End() +49
   System.Web.Mvc.Async.AsyncControllerActionInvoker.EndInvokeActionMethod(IAsyncResult asyncResult) +32
   System.Web.Mvc.Async.<>c__DisplayClass11_0.<InvokeActionMethodFilterAsynchronouslyRecursive>b__0() +58
   System.Web.Mvc.Async.<>c__DisplayClass11_2.<InvokeActionMethodFilterAsynchronouslyRecursive>b__2() +228
   System.Web.Mvc.Async.<>c__DisplayClass7_0.<BeginInvokeActionMethodWithFilters>b__1(IAsyncResult asyncResult) +10
   System.Web.Mvc.Async.WrappedAsyncResult`1.CallEndDelegate(IAsyncResult asyncResult) +10
   System.Web.Mvc.Async.WrappedAsyncResultBase`1.End() +49
   System.Web.Mvc.Async.AsyncControllerActionInvoker.EndInvokeActionMethodWithFilters(IAsyncResult asyncResult) +34
   System.Web.Mvc.Async.<>c__DisplayClass3_6.<BeginInvokeAction>b__4() +35
   System.Web.Mvc.Async.<>c__DisplayClass3_1.<BeginInvokeAction>b__1(IAsyncResult asyncResult) +100
   System.Web.Mvc.Async.WrappedAsyncResult`1.CallEndDelegate(IAsyncResult asyncResult) +10
   System.Web.Mvc.Async.WrappedAsyncResultBase`1.End() +49
   System.Web.Mvc.Async.AsyncControllerActionInvoker.EndInvokeAction(IAsyncResult asyncResult) +27
   System.Web.Mvc.<>c.<BeginExecuteCore>b__152_1(IAsyncResult asyncResult, ExecuteCoreState innerState) +11
   System.Web.Mvc.Async.WrappedAsyncVoid`1.CallEndDelegate(IAsyncResult asyncResult) +29
   System.Web.Mvc.Async.WrappedAsyncResultBase`1.End() +49
   System.Web.Mvc.Controller.EndExecuteCore(IAsyncResult asyncResult) +45
   System.Web.Mvc.<>c.<BeginExecute>b__151_2(IAsyncResult asyncResult, Controller controller) +13
   System.Web.Mvc.Async.WrappedAsyncVoid`1.CallEndDelegate(IAsyncResult asyncResult) +22
   System.Web.Mvc.Async.WrappedAsyncResultBase`1.End() +49
   System.Web.Mvc.Controller.EndExecute(IAsyncResult asyncResult) +26
   System.Web.Mvc.Controller.System.Web.Mvc.Async.IAsyncController.EndExecute(IAsyncResult asyncResult) +10
   System.Web.Mvc.<>c.<BeginProcessRequest>b__20_1(IAsyncResult asyncResult, ProcessRequestState innerState) +28
   System.Web.Mvc.Async.WrappedAsyncVoid`1.CallEndDelegate(IAsyncResult asyncResult) +29
   System.Web.Mvc.Async.WrappedAsyncResultBase`1.End() +49
   System.Web.Mvc.MvcHandler.EndProcessRequest(IAsyncResult asyncResult) +28
   System.Web.Mvc.MvcHandler.System.Web.IHttpAsyncHandler.EndProcessRequest(IAsyncResult result) +9
   System.Web.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +9850009
   System.Web.<>c__DisplayClass285_0.<ExecuteStepImpl>b__0() +26
   System.Web.StepInvoker.Invoke(Action executionStep) +107
   System.Web.<>c__DisplayClass4_0.<Invoke>b__0() +23
   Microsoft.AspNet.TelemetryCorrelation.TelemetryCorrelationHttpModule.OnExecuteRequestStep(HttpContextBase context, Action step) +64
   System.Web.<>c__DisplayClass284_0.<OnExecuteRequestStep>b__0(Action nextStepAction) +56
   System.Web.StepInvoker.Invoke(Action executionStep) +91
   System.Web.<>c__DisplayClass4_0.<Invoke>b__0() +23
   Microsoft.ApplicationInsights.Web.ApplicationInsightsHttpModule.OnExecuteRequestStep(HttpContextBase context, Action step) in /_/WEB/Src/Web/Web/ApplicationInsightsHttpModule.cs:164
   System.Web.<>c__DisplayClass284_0.<OnExecuteRequestStep>b__0(Action nextStepAction) +56
   System.Web.StepInvoker.Invoke(Action executionStep) +91
   System.Web.HttpApplication.ExecuteStepImpl(IExecutionStep step) +9956298
   System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +163
Solution

  • I was updating the wrong ApplicationHost.config file.

    The correct one is located at .vs\config in the solution root.

    I was updating the one located at: C:\Users\[username]\Documents\IISExpress\config\

    Once I updated the correct ApplicationHost.config file, the code started working in my local development environment.