Summary
When attempting to apply a patch to a version of the product that needs the Venafi Updater to proceed, the patching process fails with a stack trace similar or identical to the below:
System.TypeInitializationException: The type initializer for 'System.Runtime.Remoting.Identity' threw an exception. ---> System.Security.Cryptography.CryptographicException: The keyset is not defined.
at System.Security.Cryptography.CryptographicException.ThrowCryptographicException(Int32 hr)
at System.Security.Cryptography.Utils._AcquireCSP(CspParameters param, SafeProvHandle& hProv)
at System.Security.Cryptography.Utils.AcquireProvHandle(CspParameters parameters)
at System.Security.Cryptography.Utils.get_StaticProvHandle()
at System.Security.Cryptography.RNGCryptoServiceProvider..ctor(CspParameters cspParams)
at System.Runtime.Remoting.Identity..cctor()
With this error, the installation of the patch cannot proceed.
Cause
If you are using Windows Authentication for your SQL database, the Venafi Updater app pool, as well as the one used by Venafi WinAdmin, cannot impersonate a user that has permission to access the database.
Resolution
Log in as a user that has full permission to access and modify the Venafi SQL database when attempting to make use of Venafi Updater while using Windows Authentication.
For more information regarding this behavior see our article on Understanding Windows Authentication with MS SQL: https://support.venafi.com/hc/en-us/articles/215912957-Info-Understanding-Windows-Authentication-with-MS-SQL
Comments