I am in the process of standing up new web servers from one in the farm (expanding the farm). These are Windows 2008 R2 servers (IIS 7.5). Part of the process of copying the applicationHost.config from one machine to a new one is that the RSA keys need to be copied to that machine as well; otherwise there may be issues with your application pools, especially if you are using a domain user as a custom [pool] identity.
On the farm machine I am modeling from I use the following commands to export the .NET v4 keys:
aspnet_regiis.exe -px "iisConfigurationKey" "c:\temp\iisConfigurationKey.xml" -pri
aspnet_regiis.exe -px "iisWasKey" "c:\temp\iisWasKey.xml" -pri
When I run either of these commands I receive the error "RSA key container was not found". I have tried this from both .NET v2 & v4 and from Framework and Framework64 with the same results.
Is there a way I can determine where the keys are stored on this machine so I may get them transferred? I am a bit stuck until I can do this and be able to decrypt data in the applicationHost.config and get the app pools running again.
I guess my other question is, is there a way to reset the keys on the new machine (or reset the applicationHost.config file) so I may set a new custom identity on the application pool?
Make sure that when you open the cmd window that you do so as Administrator.
The aspnet_regiis command will still run without being administrator but you will not be able to access the key container.
The message "RSA key container was not found" also will show if you don't have access to the container.
Once I opened the cmd console as administrator (right-click run as Administrator) the commands in the question worked as expected.
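A pre-flight wrapper for the exports discussed above, as an added example that is not part of the original question or answer: it refuses to run unless the session is elevated, so a missing privilege is reported as such instead of as "RSA key container was not found", and it restricts the exported files because `-pri` writes the private key into them. The Framework64 v4 path and the `Test-Elevated` helper name are assumptions; the container names and `c:\temp` come from the question.

```powershell
# Added example: elevation check before exporting the IIS RSA key containers.
# Assumed path to the 64-bit .NET 4 aspnet_regiis.exe; adjust for v2 or 32-bit.
$regiis = Join-Path $env:windir 'Microsoft.NET\Framework64\v4.0.30319\aspnet_regiis.exe'
$outDir = 'c:\temp'
$containers = 'iisConfigurationKey', 'iisWasKey'

# Hypothetical helper: true only when the current token is elevated
# and a member of the local Administrators group.
function Test-Elevated {
    $id = [Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = New-Object Security.Principal.WindowsPrincipal($id)
    return $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)
}

if (-not (Test-Elevated)) {
    Write-Error 'Session is not elevated. Start the console with "Run as Administrator" before exporting key containers.'
    exit 1
}
if (-not (Test-Path $regiis)) {
    Write-Error "aspnet_regiis.exe not found at $regiis"
    exit 1
}

foreach ($name in $containers) {
    $out = Join-Path $outDir "$name.xml"
    & $regiis -px $name $out -pri
    # Treat a non-zero exit code or a missing output file as a failed export.
    if ($LASTEXITCODE -ne 0 -or -not (Test-Path $out)) {
        Write-Error "Export of $name failed (exit code $LASTEXITCODE)."
        exit 1
    }
    # The file contains the private key: remove inherited ACEs and leave
    # only the local Administrators group (well-known SID S-1-5-32-544).
    & icacls $out /inheritance:r /grant:r '*S-1-5-32-544:F' | Out-Null
    Write-Output "Exported $name to $out"
}
```

Delete the exported XML files from both machines once the keys have been transferred, since anyone who can read them holds the private keys.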