"Could not create SSL/TLS secure channel" when using a Management Certificate behind IIS for Windows Azure Management Libraries

Just discovered this error and guessing it could be something other people might face and google for.

Today I was creating a demo site provisioner for Composite C1 and while developing I was running my WebApi site under IIS express and when I was using Windows Azure Management Libraries (WAML) for finding the cloud service to deploy the websites to I faced an error I had not seen before:

  private async Task<DeploymentGetResponse> FindDeploymentForHostingWebsite(
            ComputeManagementClient compute, CreateDemoSiteMessage message, CancellationToken ctoken)
            var hostedServices = await compute.HostedServices.ListAsync(ctoken);

The above call to HostedServices List failed with the following exception message : Could not create SSL/TLS secure channel

When I had used the same code before in a Azure Worker Role I knew it shold work and I started debugging and inspecting properties on the CertificateCloudCredentials and found that the private key threw an exception for "Keyset does not exist". Most likely such error would be something with permissions.

I assume that if you have run into this error, then you know how to manage your certificates. Ussing either the MMC snapin or "manage computer certificates" in windows 8. 

Caption: How to mange private keys on your certificate.

When clicking "Manage Private Keys..." you get the user selection window and even though it for my case said Administrator roles had access I got the exception. I just added my own user account (IIS Express runs under the logged in users account) and gave my self full permissions and my application started working on localhost also.

The reason why we need the private key is for signing the requests being send to the management api.

So if you ran into the problem and this helped you, then I am happy. 

comments powered by Disqus