INTERNET APPLICATION DEVELOPMENT
MID MARKET ERP DEVELOPMENT
by Derek Du
Have you had the headache of configuring permissions to your ApplicationPoolIdentity account while running your web application under it? The IIS APPPOOL\Name trick never works for me. I run the ICACLS command to find the user in the permission configuration window.
If your ApplicationPoolIdentity-using-web-application utilizes a certificate to encrypt/decrypt messages, such as a WCF web service with message level security, you have to figure out how to assign permissions based on the certificate of your ApplicationPoolIdentity user.
Now, add the Certificate's snap-in.
Once you find the certificate folder, right click and select Open. Now, select the Details tab in the Certificate dialog and find the Thumbprint of your certificate.
With the thumbprint selected, run the following command in the command line prompt.
>FindPrivateKey my localmachine -t ” THUMBPRINT “
**Please note, in this example I retrieved the certificate from a local device. Follow this link for directions on retrieving a certificate.**
By running this command, a folder returns with the name of your cert!
Finally, a simple ICACLS command grants the permission needed for your cert.
Thank you for taking time to read my blog. I hope you find this information helpful as you come across this situation.
Please note, this blog was published by Derek on December 4th in his personal blog found here.