Windows error 0x80090016, -2146893802

Keyset does not exist / Identity invalid

Note: I've found several questions similar on here, but the one's that were resolved did not work for me. So I thought I'd open a new question. I rebooted our server 2012 box, which hosts our new .net applications. After doing so, I started receiving a 503 error. Upon investigation, [...] read more

Audit failure 5061 after logging in to Windows 10

Logging in to Windows 10 Build 10547 I see for a split second a message box pop up. There's no time to read it as the login succeeds. In the event log I see: Audit failure 5061 with a task category of System Integrity The event directly previous is fetching [...] read more

Why do I lose my key container when I reboot?

For many years we have kept our strong name key in a key container. Visual Studio doesn't directly support that but, it works fine if you just edit the .csproj file and add: <KeyContainerName>MyKeyName</KeyContainerName> We install the key into the key store by doing: sn -m Y sn -i MyKeyFile.snk [...] read more

Error while changing identity for application pool

I try change identity for application pool on Windows Azure. My project uses this application pool when works on Windows Azure. By default application pool uses NetworkService identity, but I must use another identity. I try change it in OnStart() event of WebRole by this way: using (ServerManager serverManager = [...] read more

Can't import PFX with CERTUTIL -- "Keyset does not exist"

We have a PFX file that when used on any other Windows system (Server 2008 R2, 7, 8) installs fine. On 2 of my servers, the import fails like so: CertUtil: -importPFX command FAILED: 0x80090016 (-2146893802) CertUtil: Keyset does not exist We originally imported this PFX use the MMC snap-in, [...] read more

Adding private key to certificate with only public key on Windows Server in .NET

The following lines of code, which is part of a .NET FW 4.6.2 Console Application, execute without exceptions when run on a Windows 10. But when running on a Windows Server 2016 it causes a CryptographicException to be thrown when the Export method is called, saying Keyset does not exist [...] read more

MS CryptoAPI - Machine Keystore with Error 0x80090016 (NTE_BAD_KEYSET) with certreq created keys

SUMMARY I create a PKCS#10 CSR with certreq and have set the option Exportable=TRUE. This successfully creates a key under the location REQUEST. I also have a valid certificate with key in MY. If I try to access any one of them the CryptoAPI reports error code 0x80090016. Running under [...] read more

CryptProtectData fails with NTE_BAD_KEYSET (0x80090016) error on Windows XP when run from the local service

I'm using the following code from within my local service to scramble some sensitive data before it's saved in the HKLM key: LPCTSTR pStr = L"This is a plaintext string!"; DATA_BLOB blobIn; blobIn.pbData = (BYTE*)pStr; blobIn.cbData = lstrlen(pStr) * sizeof(TCHAR); DATA_BLOB blobOut = {0}; if(::CryptProtectData(&blobIn, NULL, NULL, NULL, NULL, CRYPTPROTECT_UI_FORBIDDEN, [...] read more

Error in AES Encryption using C++

I have done Encryption of a File using C++ with ENCRYPT_ALGORITHM as CALG_RC4. The code is working fine. When I changed the ENCRYPT_ALGORITHM to CALG_AES_256 it fails. if(CryptAcquireContext( &hCryptProv, NULL, MS_ENHANCED_PROV, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT)) and if(!CryptDeriveKey( hCryptProv, ENCRYPT_ALGORITHM, hHash, KEYLENGTH, &hKey)) fails with the error no. 0x80090016 and 0x8009000f I want [...] read more

Problematic Active Directory CA certificate

i came across one DC, which gives me RPC errors when dealing with AD Certificate Service.I can see in AD there is 2 Root CA , one is problematic. Is it safe to remove it? Or is there a procedure for this ? windows Server 2012 R2 Event "Active Directory [...] read more

Server 2008: Keyset does not exist when installing scheduled task

The product I work on has an installer that does a whole bunch of things, including installing regular files, setting registry keys, installing websites and web services on IIS and creating scheduled tasks. We have used this installer for years and now and then we have an issue with it [...] read more

PC crashes on building a VS2008 WPF application

My PC crashes and restarts whenever i build a WPF application on my VS2008. I have no idea why this happens and i have collected the EventViewer logs for reference. One interesting thing to note is that the event source is from the .NET Runtime version 2.0.50727.3625 for a WPF [...] read more

PFXExportCertStoreEx API not exporting private key to PFX file

I am trying to create creating a pfx file using PFXExportCertStoreEx API for a self-signed certificate and its corresponding private key. Self-signed Certificate exporting to pfx but private key not exporting to a pfx file. I set the export policy for the private key as below. export_policy = NCRYPT_ALLOW_EXPORT_FLAG | [...] read more

Failure renewing root CA certificate - 0x80090016 NTE_BAD_KEYSET

We have a multi-tiered PKI infrastructure with a standalone, offline Root CA. Every year we go through a process of extending the root CA certificate (renewing while reusing existing keys) and reissuing the subordinate CA certificates. The server stays offline, except for that once per year process, when it is [...] read more

Reporting Services 2008 Service Account error

I saved over the encryption key backup file when changing from one account to another. Now I can't see reports, change accounts, or use any of the Encryption key tools in the configuration manager. I receive a > "Creating Encryption Key Backup" error 0x80090016 . Does anyone know how to [...] read more

Why am I getting this error when attempting to export a private key with Mimikatz?

I’m using Windows 10 (19041.867) and trying to use Mimikatz (2.2.0 20200918) to export a private key marked as non-exportable by the certificate export wizard. After using the following commands: crypto::capi crypto::certificates /export I get the following error for the private key export (XXX for privacy). Am I doing anything [...] read more

Windows Server 2003 R2 Enterprise Edition

I am using Windows Server 2003 R2 and want to schedule a task using Task Scheduler but it gives the following error. 0x80090016: Keyset does not exist. Both Task scheduler and Protected storage service are running. Kindly help me how to resolve the issue? Thanks in advance. read more

CertUtil importpfx Keyset does not exist

I have a p12 file, 'test.p12,' that has a certificate, the CA cert (self-signed), and private key for the certificate. The p12 file is generated using the BouncyCastle's C# API. When trying to import the certificate by using 'CertUtil', i.e., 'CertUtil -f -p password -importpfx test.p12,' CertUtil generates the following [...] read more

Getting md5 hash code for dll file in c++

Hi guys i am trying to get dll md5 hash but it is returning same value all the time, what i did wrong? this dll is already loaded when i am trying to getHash i am getting hash with getHash() method and calculating it with CalcHash thnks in advanced. #define [...] read more

Why, after using 'CryptSetHashParam', can I no longer add data to my MD5 hash object?

I am trying to use the Microsoft 'Crypt...' functions to generate an MD5 hash key from the data that is added to the hash object. I am also trying to use the 'CryptSetHashParam' to set the hash object to a particular hash value before adding data to it. According to [...] read more

What exactly is a "persisted private key"?

I'm trying to use Microsoft's Crypto API to do some RSA. On Windows Vista and above, my code runs without problem. CryptAcquireContext(&m_hCryptProv, NULL, MS_ENHANCED_PROV, PROV_RSA_FULL, 0); Unfortunately, on the two Windows XP machines that I have tried, I get error code NTE_BAD_KEYSET (0x80090016). A little bit of googling found this [...] read more