‘/LM/W3SVC/4/ROOT’ with physical root ‘C:\inetpub\apitest.myproject.com’ has exited from Program.Main with exit code = ‘1’. First 30KB characters of captured stdout and stderr logs: [20:28:44 INF] Starting myproject.HttpApi.Host. [20:28:46 FTL] Host terminated unexpectedly! Volo.Abp.AbpInitializationException: An error occurred during ConfigureServicesAsync phase of the module Volo.Abp.OpenIddict.AbpOpenIddictAspNetCoreModule, Volo.Abp.OpenIddict.AspNetCore, Version=8.0.2.0, Culture=neutral, PublicKeyToken=null. See the inner exception for details. —> System.Security.Cryptography.CryptographicException: Access is denied. at System.Security.Cryptography.X509Certificates.StorePal.FromSystemStore(String storeName, StoreLocation storeLocation, OpenFlags openFlags) at System.Security.Cryptography.X509Certificates.X509Store.Open(OpenFlags flags) at Microsoft.Extensions.DependencyInjection.OpenIddictServerBuilder.AddDevelopmentEncryptionCertificate(X500DistinguishedName subject) at Microsoft.Extensions.DependencyInjection.OpenIddictServerBuilder.AddDevelopmentEncryptionCertificate() at Volo.Abp.OpenIddict.AbpOpenIddictAspNetCoreModule.<>c__DisplayClass1_0.b__0(OpenIddictServerBuilder builder) at Microsoft.Extensions.DependencyInjection.OpenIddictServerExtensions.AddServer(OpenIddictBuilder builder, Action1 configuration) at Volo.Abp.OpenIddict.AbpOpenIddictAspNetCoreModule.AddOpenIddictServer(IServiceCollection services) at Volo.Abp.OpenIddict.AbpOpenIddictAspNetCoreModule.ConfigureServices(ServiceConfigurationContext context) at Volo.Abp.Modularity.AbpModule.ConfigureServicesAsync(ServiceConfigurationContext context) at Volo.Abp.AbpApplicationBase.ConfigureServicesAsync() — End of inner exception stack trace — at Volo.Abp.AbpApplicationBase.ConfigureServicesAsync() at Volo.Abp.AbpApplicationFactory.CreateAsync[TStartupModule](IServiceCollection services, Action1 optionsAction) at Microsoft.Extensions.DependencyInjection.ServiceCollectionApplicationExtensions.AddApplicationAsync[TStartupModule](IServiceCollection services, Action1 optionsAction) at Microsoft.Extensions.DependencyInjection.WebApplicationBuilderExtensions.AddApplicationAsync[TStartupModule](WebApplicationBuilder builder, Action1 optionsAction) at myproject.Program.Main(String[] args) in C:\Users\omer\source\repos\myprojectABP\myproject\src\myproject.HttpApi.Host\Program.cs:line 35
If you wanted to publish your ABP Framework project with OpenIddict to IIS and see this error, you can solve this problem by changing “Load User Profile” property of Application Pool in IIS to true.
For more information you can check also: https://documentation.openiddict.com/configuration/encryption-and-signing-credentials.html#registering-a-development-certificate
options.AddDevelopmentEncryptionCertificate()
oroptions.AddDevelopmentSigningCertificate()
cannot be used in applications deployed on IIS or Azure App Service: trying to use them on IIS or Azure App Service will result in an exception being thrown at runtime (unless the application pool is configured to load a user profile). To avoid that, consider creating self-signed certificates and storing them in the X.509 certificates store of the host machine(s).