View Only
Discussion Thread View

Crypto Error When Provisioning Softphone

  • 1.  Crypto Error When Provisioning Softphone

    Posted 11-23-2022 18:26
    Edited by Jon Mercer 11-23-2022 19:11
     (EDIT) Going into the c:\programdata\application data\microsoft\crypto\rsa and giving user full control permissions resolved the error, though sure it probably also opened up a security hole.

    It was in KB 000107005 for solving SIP softphone problems.  I did nothing else with the permissions listed.

    On 3 of 30 systems I set up softphone on, on our 2020 R3 systems, I get a general error saying something went wrong, contact your admin when provisioning softphone, right after verifying the server address and selecting next.  I set the softphone logs to 6 and the Interactive Desktop to 7 (100).  In the logs for SIP I get this.  I don't know what would cause this, since all the computers that this is being set up are the same with the same image of windows and permissions (User).

    Certificates.DecodeRsaPrivateKey :
    Top Exception
    Message=Access is denied.

    at System.Security.Cryptography.CryptographicException.ThrowCryptographicException(Int32 hr)
    at System.Security.Cryptography.Utils._CreateCSP(CspParameters param, Boolean randomKeyContainer, SafeProvHandle& hProv)
    at System.Security.Cryptography.Utils.CreateProvHandle(CspParameters parameters, Boolean randomKeyContainer)
    at System.Security.Cryptography.Utils.GetKeyPairHelper(CspAlgorithmType keyType, CspParameters parameters, Boolean randomKeyContainer, Int32 dwKeySize, SafeProvHandle& safeProvHandle, SafeKeyHandle& safeKeyHandle)
    at System.Security.Cryptography.RSACryptoServiceProvider.GetKeyPair()
    at System.Security.Cryptography.RSACryptoServiceProvider..ctor(Int32 dwKeySize, CspParameters parameters, Boolean useDefaultKeySize)
    at ININ.SIPSoftStation.Provision.Certificates.DecodeRsaPrivateKey(IList`1 privateKey, Boolean& permissionFailure) in d:\builds\eic_2020r3_p09\products\eic\src\softstation\Client\Provision\Provision.cs:line 1051

    at Certificates.DecodeRsaPrivateKey(IList`1 privateKey, Boolean& permissionFailure) d:\builds\eic_2020r3_p09\products\eic\src\softstation\Client\Provision\Provision.cs(1070)
    at Certificates.DecodePemPrivateKey(String pemKey, Boolean& permissionFailure) d:\builds\eic_2020r3_p09\products\eic\src\softstation\Client\Provision\Provision.cs(939)
    at Certificates.DecodePrivateKey(String strPrivateKeyPath, Boolean& permissionFailure) d:\builds\eic_2020r3_p09\products\eic\src\softstation\Client\Provision\Provision.cs(908)
    at LoadConfigurationPage.RequestAndCreateCertificate(String strHostName, Boolean& permissionFailure) d:\builds\eic_2020r3_p09\products\eic\src\softstation\Client\Provision\LoadConfigurationPage.cs(415)
    at LoadConfigurationPage.HttpLoadRequest(IEnumerable`1 uriCollection) d:\builds\eic_2020r3_p09\products\eic\src\softstation\Client\Provision\LoadConfigurationPage.cs(247)
    at LoadConfigurationPage.DoHttpRequest(Object o) d:\builds\eic_2020r3_p09\products\eic\src\softstation\Client\Provision\LoadConfigurationPage.cs(585)
    at QueueUserWorkItemCallback.WaitCallback_Context(Object state)
    at ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
    at ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
    at QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
    at ThreadPoolWorkQueue.Dispatch()
    at _ThreadPoolWaitCallback.PerformWaitCallback()

    It then has an entry saying error downloading configuration because server is not found, which I presume is due to the certifiate being denied.

    I have tried going off different suggestions of giving authenticate user full access to the certificate folder, as well and removing and reinstalling Interaction Desktop with admin rights.

    The Certificate folder has been renamed and rebuild in the c:\users\(alias) folder and then copied over to the c:\program files x86\interactive intelligence folder, and then given authenticated user full permission.

    If I open Softphone as administrator, then it provisions just fine, but I also have to load Interaction Desktop as admin, or it won't open.  This is fine for my system where this is happening since I am an admin on my system, but most everyone else isn't, so they can't just do that.

    Jon Mercer