This article is contributed. See the original author and article here.
IIS may display “Keyset does not exist” error while trying to set application pool identity. In the the Event Viewer, I saw this message:
ERROR ( hresult:80090016, message:Failed to commit configuration changes. Keyset does not exist)
This issue occurs when there is a problem with the machine keys (C:ProgramDataMicrosoftCryptoRSAMachineKeys)
IIS uses the machine keys below for encryption. The first thing to check is if these files exist.
6de9cb26d2b98c01ec4e9e8b34824aa2_GUID | iisConfigurationKey |
d6d986f09a1ee04e24c949879fdb506c_GUID | NetFrameworkConfigurationKey |
76944fb33636aeddb9590521c2e8815a_GUID | iisWasKey |
If the files exist in MachineKeys folder, check their security permissions. In the server I worked on, these files didn’t have owners.
After taking the ownership, it displayed only IIS_IUSRS account in the permission list. I added DatabaseAdministrators group to the Security list. Other required permissions came back right away. Afterward, we were able to change application pool identity.
Note: If you see 0x8009000D error along with “Keyset does not exist” message, please check this post.
Brought to you by Dr. Ware, Microsoft Office 365 Silver Partner, Charleston SC.
Recent Comments