Receiving errors on moving from development to staging environments


We have implemented SAMLv2 with success on our development environment with little issue. We are using the saml.config file.

On moving to the staging environment we have encountered issues.

On starting the website and implementing the SSO we get an Access Denied message.
“System.Security.Cryptography.CryptographicException: Access denied.”

We have given the certificate folder and certificates access and on subsequent requests we do not get this message but:
“A valid SAML configuration hasn’t been specified.”

So every restart of the website we receive the Access Denied and all subsequent requests throw the SAML configuration error.

Are we missing something from the set up of the stage environment over the development?


Hi Pete
It sounds like a permissions error loading an X.509 certificate.
Please take a look at the following article. Note that you need to get the permissions right for the private key as well.
The other option to consider is to store certificate in the Windows certificate store rather than on the file system.
This may be easier as far as setting the permissions etc.


The issue on the stage server was with access for the IIS_IUSRS on the Machine Keys directory as per your artical

I gave access and it is all working.

Thank You


You’re welcome.