web
You’re offline. This is a read only version of the page.
close
Skip to main content

Notifications

Announcements

No record found.

News and Announcements icon
Community site session details

Community site session details

Session Id :
Dynamics 365 Community / Forums / Microsoft Dynamics CRM (Archived) / Dynamics 365 9.0 on-pr...
Microsoft Dynamics CRM (Archived)

Dynamics 365 9.0 on-premise IFD configuration: Error Invalid provider type specified

(0) ShareShare
ReportReport
Posted on by Song 91

Hello,

I have installed D365 9.0 on-premise on my hyper-V machines and I am configuring claims-based auth and IFD, I have used AD CA to request a domain wildcard certificate, after configuration of claims-based auth. I have tried this url https://internalcrm.kcenter.com:444/federationmetadata/2007-06/federationmetadata.xml but have the following error message.  the url https://adfs.kcenter.com/federationmetadata/2007-06/federationmetadata.xml works well.

<?xml version="1.0"?>

-<error xmlns:xsi="www.w3.org/.../XMLSchema-instance" xmlns:xsd="www.w3.org/.../XMLSchema">

<exception>Unhandled Exception: System.ServiceModel.FaultException`1[[Microsoft.Xrm.Sdk.OrganizationServiceFault, Microsoft.Xrm.Sdk, Version=9.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35]]: System.Security.Cryptography.CryptographicException: Invalid provider type specified. at System.Security.Cryptography.Utils.CreateProvHandle(CspParameters parameters, Boolean randomKeyContainer) at System.Security.Cryptography.Utils.GetKeyPairHelper(CspAlgorithmType keyType, CspParameters parameters, Boolean randomKeyContainer, Int32 dwKeySize, SafeProvHandle& safeProvHandle, SafeKeyHandle& safeKeyHandle) at System.Security.Cryptography.RSACryptoServiceProvider.GetKeyPair() at System.Security.Cryptography.RSACryptoServiceProvider..ctor(Int32 dwKeySize, CspParameters parameters, Boolean useDefaultKeySize) at System.Security.Cryptography.X509Certificates.X509Certificate2.get_PrivateKey() at System.IdentityModel.Tokens.X509AsymmetricSecurityKey.get_PrivateKey() at System.IdentityModel.Tokens.X509AsymmetricSecurityKey.GetSignatureFormatter(String algorithm) at System.IdentityModel.SignedXml.ComputeSignature(SecurityKey signingKey) at System.IdentityModel.EnvelopedSignatureWriter.ComputeSignature() at System.IdentityModel.EnvelopedSignatureWriter.OnEndRootElement() at System.IdentityModel.Metadata.MetadataSerializer.WriteEntityDescriptor(XmlWriter inputWriter, EntityDescriptor entityDescriptor) at System.IdentityModel.Metadata.MetadataSerializer.WriteMetadata(Stream stream, MetadataBase metadata) at Microsoft.Crm.Authentication.Claims.MetadataGenerator.GenerateCrmFederationMetadata(Stream stream) at Microsoft.Crm.Application.Components.Handlers.FederationMetadata.ProcessRequestInternal(HttpContext context) at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously): Microsoft Dynamics CRM has experienced an error. Reference number for administrators or support: #52B75F04Detail: <OrganizationServiceFault xmlns:i="www.w3.org/.../XMLSchema-instance" xmlns="schemas.microsoft.com/.../Contracts"> <ActivityId>d096958b-7e1b-4d58-a0d0-cf1724fe05a4</ActivityId> <ErrorCode>-2147220970</ErrorCode> <ErrorDetails xmlns:d2p1="schemas.datacontract.org/.../System.Collections.Generic" /> <Message>System.Security.Cryptography.CryptographicException: Invalid provider type specified. at System.Security.Cryptography.Utils.CreateProvHandle(CspParameters parameters, Boolean randomKeyContainer) at System.Security.Cryptography.Utils.GetKeyPairHelper(CspAlgorithmType keyType, CspParameters parameters, Boolean randomKeyContainer, Int32 dwKeySize, SafeProvHandle&amp; safeProvHandle, SafeKeyHandle&amp; safeKeyHandle) at System.Security.Cryptography.RSACryptoServiceProvider.GetKeyPair() at System.Security.Cryptography.RSACryptoServiceProvider..ctor(Int32 dwKeySize, CspParameters parameters, Boolean useDefaultKeySize) at System.Security.Cryptography.X509Certificates.X509Certificate2.get_PrivateKey() at System.IdentityModel.Tokens.X509AsymmetricSecurityKey.get_PrivateKey() at System.IdentityModel.Tokens.X509AsymmetricSecurityKey.GetSignatureFormatter(String algorithm) at System.IdentityModel.SignedXml.ComputeSignature(SecurityKey signingKey) at System.IdentityModel.EnvelopedSignatureWriter.ComputeSignature() at System.IdentityModel.EnvelopedSignatureWriter.OnEndRootElement() at System.IdentityModel.Metadata.MetadataSerializer.WriteEntityDescriptor(XmlWriter inputWriter, EntityDescriptor entityDescriptor) at System.IdentityModel.Metadata.MetadataSerializer.WriteMetadata(Stream stream, MetadataBase metadata) at Microsoft.Crm.Authentication.Claims.MetadataGenerator.GenerateCrmFederationMetadata(Stream stream) at Microsoft.Crm.Application.Components.Handlers.FederationMetadata.ProcessRequestInternal(HttpContext context) at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean&amp; completedSynchronously): Microsoft Dynamics CRM has experienced an error. Reference number for administrators or support: #52B75F04</Message> <Timestamp>2019-03-22T06:30:25.9316984Z</Timestamp> <ExceptionRetriable>false</ExceptionRetriable> <ExceptionSource i:nil="true" /> <InnerFault i:nil="true" /> <OriginalException i:nil="true" /> <TraceText i:nil="true" /> </OrganizationServiceFault> </exception>

<parameters xsi:nil="true"/>

<displaytitle/>

<displaytextencoded/>

<displaytext/>

<description>Invalid provider type specified. </description>

<file>Not available</file>

<line>Not available</line>

<details>Not available</details>

<traceInfo/>

<requesturl>internalcrm.kcenter.com/.../FederationMetadata.ashx&lt;/requesturl>

<pathAndQuery>/Handlers/FederationMetadata.ashx</pathAndQuery>

<source>ASHX_XML</source>

<stacktrace/>

</error>


I had also try another certificate with the lasted web server template (V4, Win server 2016) but still have the same error.

I had tried to find a free wildcard certificate from internet but it seems difficult for an internal domain name. 

Thanks for any ideas

Song

*This post is locked for comments

I have the same question (0)
  • Verified answer
    David Jennaway Profile Picture
    David Jennaway 14,065 on at

    I've previously had this error with v3 certificates, but not those using a v2 template. See https://social.microsoft.com/forums/en-US/6f89faad-a0a4-4f2e-a76e-cefd56256f99/unable-to-browse-to-the-crm-federationmetadata-endpoint-after-configuring-claimsbased-auth  . Although it was written for CRM 2011, the same issue can apply to CRM 2016

  • Song Profile Picture
    Song 91 on at

    Hi, David,

    Thank you, I have tried it with v2 template but still the same error message. What I did was duplicate a new template from the template "web server" in CA, its schema version is 2, and I have placed this new certificate in ADFS, crm IIS binding and reconfigured claims based auth.

    Song

  • Song Profile Picture
    Song 91 on at

    David,

    I havn't notice that the error message was changed, it was "Keyset does not exist", I followed the article in your reply with findprivatekey tool, but I dont know how to use the command icacls (as cacls was deprecated), then I granted certificate permission to crm app pool account and it worked!

    thank you

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

Quick Links

Responsible AI policies

As AI tools become more common, we’re introducing a Responsible AI Use…

Neeraj Kumar – Community Spotlight

We are honored to recognize Neeraj Kumar as our Community Spotlight honoree for…

Congratulations to the November Top 10 Community Leaders!

These are the community rock stars!

Leaderboard > 🔒一 Microsoft Dynamics CRM (Archived)

#1
SA-08121319-0 Profile Picture

SA-08121319-0 4

#1
Calum MacFarlane Profile Picture

Calum MacFarlane 4

#3
Alex Fun Wei Jie Profile Picture

Alex Fun Wei Jie 2

Last 30 days Overall leaderboard

Featured topics

Product updates

Dynamics 365 release plans