SSL problem when database user requires X509
Thanks for getting us the upgraded version of the drivers.
Unfortunately, the problem still appears on Windows 7/2008 when the database requires X509. We are unable to connect to the database from the web process if the windows services start first thus creating the original problem with file permissions. Any suggestions?
			
									
									
						Unfortunately, the problem still appears on Windows 7/2008 when the database requires X509. We are unable to connect to the database from the web process if the windows services start first thus creating the original problem with file permissions. Any suggestions?
Please give us the following information:
1) the exact text of the error you are getting now. Does it occur on openning connection?
2) your current version of your dotConnect for MySQL (x.xx.xx). You can find it in the Tools > MySQL > About menu of Visual Studio;
3) the exact version, edition, and capacity of your operating systems (Windows 7 and Windows Server 2008);
4) the versions of your IIS and used ASP.NET.
			
									
									
						1) the exact text of the error you are getting now. Does it occur on openning connection?
2) your current version of your dotConnect for MySQL (x.xx.xx). You can find it in the Tools > MySQL > About menu of Visual Studio;
3) the exact version, edition, and capacity of your operating systems (Windows 7 and Windows Server 2008);
4) the versions of your IIS and used ASP.NET.
1. Exception Details
Couldn't acquire crypto service provider context.
Description: An unhandled exception occurred during the execution of the
current web request. Please review the stack trace for more information about
the error and where it originated in the code.
Exception Details: System.Security.Cryptography.CryptographicException:
Couldn't acquire crypto service provider context.
Source Error:
An unhandled exception was generated during the execution of the current web
request. Information regarding the origin and location of the exception can be
identified using the exception stack trace below.
Stack Trace:
[CryptographicException: Couldn't acquire crypto service provider context.]
Devart.Security.SSL.f.a(IAsyncResult A_0) +203
Devart.Security.SSL.f.a(Byte[] A_0, Int32 A_1, Int32 A_2, SocketFlags A_3)
+67
Devart.Security.SSL.y.a(Byte[] A_0, Int32 A_1, Int32 A_2) +21
Devart.Common.ak.a(Byte[] A_0, Int32 A_1, Int32 A_2) +49
Devart.Common.s.d(Byte[] A_0, Int32 A_1, Int32 A_2) +60
[MySqlException (0x80004005): Can't connect to MySQL server on 'localhost'
(10061): Authentication failed.]
Devart.Data.MySql.v.a(String A_0, String A_1, String A_2, String A_3, Int32
A_4, String A_5, Int32 A_6, SshOptions A_7, SslOptions A_8, ProxyOptions A_9,
MySqlHttpOptions A_10, HttpOptions A_11) +3694
Devart.Data.MySql.MySqlInternalConnection.Connect(MySqlConnection owner,
String userId, String password, String host, String database, Int32 port, Int32
connectionTimeout, MySqlProtocol protocol, Boolean compress, Boolean
clientInteractive) +650
Devart.Data.MySql.MySqlInternalConnection..ctor(p connectionOptions,
MySqlConnection owner) +113
Devart.Data.MySql.as.a(u A_0, Object A_1, DbConnectionBase A_2) +68
Devart.Common.DbConnectionFactory.a(DbConnectionPool A_0, u A_1,
DbConnectionBase A_2) +88
Devart.Common.DbConnectionPoolGroup.a(DbConnectionPool A_0, DbConnectionBase
A_1) +22
Devart.Common.DbConnectionPool.a(DbConnectionBase A_0) +45
Devart.Common.DbConnectionPool.GetObject(DbConnectionBase owningConnection)
+523
Devart.Common.DbConnectionFactory.a(DbConnectionBase A_0) +202
Devart.Common.DbConnectionClosed.Open(DbConnectionBase outerConnection) +138
Devart.Common.DbConnectionBase.Open() +149
2. Devart.Data.MySql version: 6.0.58.0
3. It is a dual core, 4GB RAM Windows 2008 64 bit machine. We saw the problem on Windows 7 Pro 64 bit machine as well.
4. IIS 7.0 (and IIS 7.5), ASP.Net 3.5
			
									
									
						Couldn't acquire crypto service provider context.
Description: An unhandled exception occurred during the execution of the
current web request. Please review the stack trace for more information about
the error and where it originated in the code.
Exception Details: System.Security.Cryptography.CryptographicException:
Couldn't acquire crypto service provider context.
Source Error:
An unhandled exception was generated during the execution of the current web
request. Information regarding the origin and location of the exception can be
identified using the exception stack trace below.
Stack Trace:
[CryptographicException: Couldn't acquire crypto service provider context.]
Devart.Security.SSL.f.a(IAsyncResult A_0) +203
Devart.Security.SSL.f.a(Byte[] A_0, Int32 A_1, Int32 A_2, SocketFlags A_3)
+67
Devart.Security.SSL.y.a(Byte[] A_0, Int32 A_1, Int32 A_2) +21
Devart.Common.ak.a(Byte[] A_0, Int32 A_1, Int32 A_2) +49
Devart.Common.s.d(Byte[] A_0, Int32 A_1, Int32 A_2) +60
[MySqlException (0x80004005): Can't connect to MySQL server on 'localhost'
(10061): Authentication failed.]
Devart.Data.MySql.v.a(String A_0, String A_1, String A_2, String A_3, Int32
A_4, String A_5, Int32 A_6, SshOptions A_7, SslOptions A_8, ProxyOptions A_9,
MySqlHttpOptions A_10, HttpOptions A_11) +3694
Devart.Data.MySql.MySqlInternalConnection.Connect(MySqlConnection owner,
String userId, String password, String host, String database, Int32 port, Int32
connectionTimeout, MySqlProtocol protocol, Boolean compress, Boolean
clientInteractive) +650
Devart.Data.MySql.MySqlInternalConnection..ctor(p connectionOptions,
MySqlConnection owner) +113
Devart.Data.MySql.as.a(u A_0, Object A_1, DbConnectionBase A_2) +68
Devart.Common.DbConnectionFactory.a(DbConnectionPool A_0, u A_1,
DbConnectionBase A_2) +88
Devart.Common.DbConnectionPoolGroup.a(DbConnectionPool A_0, DbConnectionBase
A_1) +22
Devart.Common.DbConnectionPool.a(DbConnectionBase A_0) +45
Devart.Common.DbConnectionPool.GetObject(DbConnectionBase owningConnection)
+523
Devart.Common.DbConnectionFactory.a(DbConnectionBase A_0) +202
Devart.Common.DbConnectionClosed.Open(DbConnectionBase outerConnection) +138
Devart.Common.DbConnectionBase.Open() +149
2. Devart.Data.MySql version: 6.0.58.0
3. It is a dual core, 4GB RAM Windows 2008 64 bit machine. We saw the problem on Windows 7 Pro 64 bit machine as well.
4. IIS 7.0 (and IIS 7.5), ASP.Net 3.5
We did more testing here.  The problem shows up on Windows 2008 Standard 64bit and 32bit, Windows XP OS (possibly other operating systems) even without client SSL requirements.
Just enable SSL and the web process will run into problems, if you start a windows service that connects to the database before the web process.
I must insist that this is very important for us to get this thing resolved as soon as possible on Windows 2003, XP, Windows7 and 2008. 32 bit and 64 bit.
Please let me know what else you require from us. Thanks.
Here is the stack trace:
[CryptographicException: Couldn't acquire crypto service provider context.]
Devart.Security.SSL.f.a(IAsyncResult A_0) +203
Devart.Security.SSL.f.a(Byte[] A_0, Int32 A_1, Int32 A_2, SocketFlags A_3)
+67
Devart.Security.SSL.y.a(Byte[] A_0, Int32 A_1, Int32 A_2) +21
Devart.Common.ak.a(Byte[] A_0, Int32 A_1, Int32 A_2) +49
Devart.Common.s.d(Byte[] A_0, Int32 A_1, Int32 A_2) +60
[MySqlException (0x80004005): Can't connect to MySQL server on 'tp78' (10061):
Authentication failed.]
Devart.Data.MySql.v.a(String A_0, String A_1, String A_2, String A_3, Int32
A_4, String A_5, Int32 A_6, SshOptions A_7, SslOptions A_8, ProxyOptions A_9,
MySqlHttpOptions A_10, HttpOptions A_11) +3694
Devart.Data.MySql.MySqlInternalConnection.Connect(MySqlConnection owner,
String userId, String password, String host, String database, Int32 port, Int32
connectionTimeout, MySqlProtocol protocol, Boolean compress, Boolean
clientInteractive) +650
Devart.Data.MySql.MySqlInternalConnection..ctor(p connectionOptions,
MySqlConnection owner) +113
Devart.Data.MySql.as.a(u A_0, Object A_1, DbConnectionBase A_2) +68
Devart.Common.DbConnectionFactory.a(DbConnectionPool A_0, u A_1,
DbConnectionBase A_2) +88
Devart.Common.DbConnectionPoolGroup.a(DbConnectionPool A_0, DbConnectionBase
A_1) +22
Devart.Common.DbConnectionPool.a(DbConnectionBase A_0) +45
Devart.Common.DbConnectionPool.GetObject(DbConnectionBase owningConnection)
+530
Devart.Common.DbConnectionFactory.a(DbConnectionBase A_0) +202
Devart.Common.DbConnectionClosed.Open(DbConnectionBase outerConnection) +138
Devart.Common.DbConnectionBase.Open() +149
Devart.Data.MySql.MySqlConnection.Open() +209
			
									
									
						Just enable SSL and the web process will run into problems, if you start a windows service that connects to the database before the web process.
I must insist that this is very important for us to get this thing resolved as soon as possible on Windows 2003, XP, Windows7 and 2008. 32 bit and 64 bit.
Please let me know what else you require from us. Thanks.
Here is the stack trace:
[CryptographicException: Couldn't acquire crypto service provider context.]
Devart.Security.SSL.f.a(IAsyncResult A_0) +203
Devart.Security.SSL.f.a(Byte[] A_0, Int32 A_1, Int32 A_2, SocketFlags A_3)
+67
Devart.Security.SSL.y.a(Byte[] A_0, Int32 A_1, Int32 A_2) +21
Devart.Common.ak.a(Byte[] A_0, Int32 A_1, Int32 A_2) +49
Devart.Common.s.d(Byte[] A_0, Int32 A_1, Int32 A_2) +60
[MySqlException (0x80004005): Can't connect to MySQL server on 'tp78' (10061):
Authentication failed.]
Devart.Data.MySql.v.a(String A_0, String A_1, String A_2, String A_3, Int32
A_4, String A_5, Int32 A_6, SshOptions A_7, SslOptions A_8, ProxyOptions A_9,
MySqlHttpOptions A_10, HttpOptions A_11) +3694
Devart.Data.MySql.MySqlInternalConnection.Connect(MySqlConnection owner,
String userId, String password, String host, String database, Int32 port, Int32
connectionTimeout, MySqlProtocol protocol, Boolean compress, Boolean
clientInteractive) +650
Devart.Data.MySql.MySqlInternalConnection..ctor(p connectionOptions,
MySqlConnection owner) +113
Devart.Data.MySql.as.a(u A_0, Object A_1, DbConnectionBase A_2) +68
Devart.Common.DbConnectionFactory.a(DbConnectionPool A_0, u A_1,
DbConnectionBase A_2) +88
Devart.Common.DbConnectionPoolGroup.a(DbConnectionPool A_0, DbConnectionBase
A_1) +22
Devart.Common.DbConnectionPool.a(DbConnectionBase A_0) +45
Devart.Common.DbConnectionPool.GetObject(DbConnectionBase owningConnection)
+530
Devart.Common.DbConnectionFactory.a(DbConnectionBase A_0) +202
Devart.Common.DbConnectionClosed.Open(DbConnectionBase outerConnection) +138
Devart.Common.DbConnectionBase.Open() +149
Devart.Data.MySql.MySqlConnection.Open() +209
Correct version of the assemblies are getting loaded:
Loaded Assembly from GAC: "Devart.Data.MySql, Version=6.0.58.0, Culture=neutral, PublicKeyToken=09af7300eec23701". Location: C:\Windows\assembly\GAC_MSIL\Devart.Data.MySql\6.0.58.0__09af7300eec23701\Devart.Data.MySql.dll
Loaded Assembly from GAC: "Devart.Data, Version=5.0.159.0, Culture=neutral, PublicKeyToken=09af7300eec23701". Location: C:\Windows\assembly\GAC_MSIL\Devart.Data\5.0.159.0__09af7300eec23701\Devart.Data.dll
			
									
									
						Loaded Assembly from GAC: "Devart.Data.MySql, Version=6.0.58.0, Culture=neutral, PublicKeyToken=09af7300eec23701". Location: C:\Windows\assembly\GAC_MSIL\Devart.Data.MySql\6.0.58.0__09af7300eec23701\Devart.Data.MySql.dll
Loaded Assembly from GAC: "Devart.Data, Version=5.0.159.0, Culture=neutral, PublicKeyToken=09af7300eec23701". Location: C:\Windows\assembly\GAC_MSIL\Devart.Data\5.0.159.0__09af7300eec23701\Devart.Data.dll
We need this issue resolved asap as we are really closed to you release date.
It is the same issue. The web process (running as "Network Service") has no access on the file "9662578eb35f925aaa97e4941ca3d838_0d9c1178-8c0b-4510-8b36-8b990674bf28" in "C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys" when the file is not created by the web process.
On a fresh machine, if the component that runs as a windows service starts before the web service, the file is created by the windows service instead of the web service with limited permissions and the web process fails to read it.
All you need is SSL enabled (no client certs, no ca certs) to reproduce this problem.
Please update as soon as possible.
			
									
									
						It is the same issue. The web process (running as "Network Service") has no access on the file "9662578eb35f925aaa97e4941ca3d838_0d9c1178-8c0b-4510-8b36-8b990674bf28" in "C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys" when the file is not created by the web process.
On a fresh machine, if the component that runs as a windows service starts before the web service, the file is created by the windows service instead of the web service with limited permissions and the web process fails to read it.
All you need is SSL enabled (no client certs, no ca certs) to reproduce this problem.
Please update as soon as possible.
We have fixed the problem. A separate key will be created for every Windows account starting from the next build of dotConnect for MySQL. We are planning to release the new buld in a week. Does this timeframe meet your requirements?
As a temporary workaround, please modify security permissions on the C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\9662578eb35f925aaa97e4941ca3d838_f9c7516d-7207-4fb5-a07c-13f1fe8986b5 file manually via its Properties > Security tab after it is created by your Windows Service: set the current owner to your current Windows user or Everyone, save properties and re-open the Properties window (the Security tab), set a new user - Everyone, and grant a full control to it.
			
									
									
						As a temporary workaround, please modify security permissions on the C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\9662578eb35f925aaa97e4941ca3d838_f9c7516d-7207-4fb5-a07c-13f1fe8986b5 file manually via its Properties > Security tab after it is created by your Windows Service: set the current owner to your current Windows user or Everyone, save properties and re-open the Properties window (the Security tab), set a new user - Everyone, and grant a full control to it.
Shalex,
Thanks for the update. We are aware of the workaround but since we do not manage installations for our customers, it becomes support burden for us.
We are discussing whether we want to introduce a new version of the drivers this late in the release cycle. In any case, please update once you have the new version so that we can at least start testing it.
			
									
									
						Thanks for the update. We are aware of the workaround but since we do not manage installations for our customers, it becomes support burden for us.
We are discussing whether we want to introduce a new version of the drivers this late in the release cycle. In any case, please update once you have the new version so that we can at least start testing it.
New build of dotConnect for MySQL 6.10.103 is available for download now!
It can be downloaded from http://www.devart.com/dotconnect/mysql/download.html (trial version) or from Registered Users' Area (for users with valid subscription only): http://secure.devart.com/ .
For more information, please refer to http://www.devart.com/forums/viewtopic.php?t=20225 .
			
									
									
						It can be downloaded from http://www.devart.com/dotconnect/mysql/download.html (trial version) or from Registered Users' Area (for users with valid subscription only): http://secure.devart.com/ .
For more information, please refer to http://www.devart.com/forums/viewtopic.php?t=20225 .