CodePartners - Software Development - Dallas, Texas Software Development - Sage Accpac Customization - SageCRM Customization
Login
pay invoice online  |  remote assistance  |  
  • INTERNET APPLICATION DEVELOPMENT

    • Services
      • Web Application Development
      • Mobile Applications
      • Integration Solutions
      • Staff Augmentation
    • Technologies
    • How we work
    • About us
    • Success stories
    • Blog
  • MID MARKET ERP DEVELOPMENT

    • Intacct
    • Sage CRM
    • Sage
    • Sage Component Catalog
    • How We Work
    • About Us
    • Success Stories
    • Blog

Blog

CodePartners Blog

rss


Assigning Permission on a Certificate for an ApplicationPoolIdentity Account

SHARE THIS
Facebook twitter linkedin Print Print
Print Email

by Derek Du

Have you had the headache of configuring permissions to your ApplicationPoolIdentity account while running your web application under it? The IIS APPPOOL\Name trick never works for me. I run the ICACLS command to find the user in the permission configuration window.

If your ApplicationPoolIdentity-using-web-application utilizes a certificate to encrypt/decrypt messages, such as a WCF web service with message level security, you have to figure out how to assign permissions based on the certificate of your ApplicationPoolIdentity user.

Similarly, assigning permissions to another file, you can either use the IIS APPPOOL\Name method or use the ICACLS command. The ICACLS approach requires a file path to add a user account. Since the certificate is deeply stored and found under a different name than your original certificate, it makes it difficult to find.

HOW TO FIND THE CERTIFICATE PATH? 

First, a tool called FindPrivateKey.exe, from Microsoft is required. Please note, it is difficult to find the executable link to download this file. You will find it as part of WCF services sample code. Please follow this link to access the source codes. Then, unzip and compile the project from the folder: C:\WF_WCF_Samples\WCF\Setup\FindPrivateKey\. After the compilation, you have an executable file!

This tool helps you find your certificate’s actual file location with the certificate’s thumbprint. To find the thumbprint, open Microsoft Management Console:


 

Now, add the Certificate's snap-in.

 

 

 

Once you find the certificate folder, right click and select Open. Now, select the Details tab in the Certificate dialog and find the Thumbprint of your certificate.

 

 

With the thumbprint selected, run the following command in the command line prompt.

>FindPrivateKey my localmachine -t ” THUMBPRINT “

**Please note, in this example I retrieved the certificate from a local device. Follow this link for directions on retrieving a certificate.**

By running this command, a folder returns with the name of your cert!

 

Finally, a simple ICACLS command grants the permission needed for your cert.

 

Thank you for taking time to read my blog.  I hope you find this information helpful as you come across this situation.

Please note, this blog was published by Derek on December 4th in his personal blog found here.




Comments are closed.
On December 6, 2013 in Development, General, Web application, Web Development [Post:by]
Tagged With: Applicationpoolidentity, Certificate, Find Private Key, iis appool, permission , wcf / 4631 Views

Search

Categories

  • General (166) rss
  • Development (158) rss
  • Success Stories (40) rss
  • Products (29) rss
  • Uncategorized (18) rss
  • BTerrell Group (5) rss
  • Project Management (22) rss
  • Web Development (57) rss
  • Web application (33) rss
  • Integration (19) rss
  • Mobile Development (7) rss

Archives

  • 2015
    • January (5)
    • February (7)
    • March (6)
    • April (5)
    • May (2)
  • 2014
    • January (13)
    • February (12)
    • March (13)
    • April (12)
    • May (11)
    • June (12)
    • July (11)
    • August (13)
    • September (10)
    • October (8)
    • November (6)
    • December (4)
  • 2013
    • April (73)
    • May (22)
    • June (20)
    • July (20)
    • August (22)
    • September (19)
    • October (13)
    • November (12)
    • December (7)

Tags

.NET Accpac app development application customization application development automation Azure C# cloud components Crystal Reports customization development ERP general ledger HTML5 Intacct Intacct Platform Services integration JQuery load balancer mass update mobile development OCR Order Entry outsourcing PO pricing product development project management REST Sage 300 ERP Sage CRM software integration trigger user interface Visual Studio web application web development website development Workforce Go! .NET ACA accpac Ajax Amazon AP invoices application development Arxis ASP.NET automation Axure BTerrell Group C# Cloud computing CodePartners Constant Contact credit card processing CRM crystal reports custom software Customer Service Customization Delete team project design phase Development doc-link DRILLDWNLK ERP event Excel GLAFS Intacct Intacct Advantage Intacct Platform Services Integration Java script JavaScript jQuery Kerr Consulting LinkedIn Microsoft MSSQL Offshoring outsourcing payroll PCI compliance PCI-DSS Pivot PJC project management sage Sage 300 Sage 300 ERP Sage Accpac ERP Sage CRM Smart Rule social media software testing SQL SQL Query SQL Server staff augmentation sub-ledger success success story TFS Trouble shooting UI design Visual Studio WCF Web API web application web design web development Webinar website Windows Windows Azure XML
Email this article from Codepartners.com
Separate multiple addresses with commas(,)
To: *   Copy me
Subject:
From: *
Message:
ABOUT US / CONTACT US / NEWS & EVENTS
CodePartners / 16200 Addison Rd. STE 270 / Addison, Texas 75001 / Phone: 214-647-2611 / Toll Free: 866-647-2611 / Fax: 214-647-2612 / info@codepartners.com
© 2006 - 2015 codepartners.com All Rights Reserved.