I have added <MSDeployEnableWebConfigEncryptRule>true</MSDeployEnableWebConfigEncryptRule> to .pubxml file in order to encrypt web config file. However, when publishing, i got the following error. I do not know whether there is extra setting needed in the web.config file other than inserting <MSDeployEnableWebConfigEncryptRule>true</MSDeployEnableWebConfigEncryptRule> in .pubxml
Error:
Web deployment task failed.(Fail to encrypt destination web.config. Learn more at: http://go.microsoft.com/fwlink/?LinkId=221672#ERROR_FAILED_TO_ENCRYPT_WEB_CONFIG.)
Note: #ERROR_FAILED_TO_ENCRYPT_WEB_CONFIG does not appears anywhere on the given link.
How could i resolve this error? (note: i do not wish to pre-encrypt the web.config file locally before publishing it)
The problem seem to be that MSDeployEnableWebConfigEncryptRule doesn't work with MVC project that have multiple web.config files. Typically MVC project has Views/Web.Config file. This seems like a bug with MSDeploy.
My Workaround is to have a post deployment powershell script to perform same command on the destination server. See http://www.iis.net/learn/publish/using-web-deploy/web-deploy-powershell-cmdlets
Powershell Script Sample:
Add-PSSnapin WDeploySnapin3.0
$cmd = '%windir%\Microsoft.NET\Framework\v4.0.30319\ASPNET_REGIIS.exe -{0} {1} "{2}"' -f 'pef', 'connectionStrings', $destinationFolder
New-WDPublishSettings -UserId $UserName -Password $Password -ComputerName $destination -AllowUntrusted -FileName server.publishsettings -AgentType MSDepSvc -Site $Website
Invoke-WDCommand -Command $cmd -DestinationPublishSettings server -Verbose
I was getting this same message too.
I looked in the Web Deployment logs in the Event Viewer > Microsoft Web Deploy. The Exception it was giving me was:
ERROR_FAILED_TO_ENCRYPT_WEB_CONFIG
Microsoft.Web.Deployment.DeploymentDetailedClientServerException: Failed to encrypt destination web.config: .... Learn more at: http://go.microsoft.com/fwlink/?LinkId=221672#ERROR_FAILED_TO_ENCRYPT_WEB_CONFIG. ---> System.Security.Cryptography.CryptographicException: Object already exists.
Googling this led me to this answer from "Just TFS": Release Management Agent not connecting
Which said "The Deployer user (\) does not have access to the crypto store. On the server where the deployment agent is installed, navigate to this folder %ALLUSERSPROFILE%\Application Data\Microsoft\Crypto\RSA\MachineKeys and give read/write access to \. – Just TFS Sep 3 '14 at 12:08"
So I attempted to give my MS Deployer user account read/write to that MachineKeys folder but it denied me access to do so. I ended up adding the deployer user account as a local Administrator and that did the trick.
Was able to deploy with it encrypting the web.config file successfully to the server.
Related
I use CyberArk 12.1 to get database password by SDK. Application was written in NetCore3.1, we migrate it to NET6. Sadly CA 12.1 isn't compatible with NET6, support appears in 12.6, but my organisation at this moment doesn't plan upgrade
I try to execute PowerShell script from my application (NET6) to connect with CyberArk agent
Script returns from CA error
APPAP308E - Invalid process path. Full path is required
PowerShell
C:\Program Files (x86)\...\CLIPasswordSDK.exe GetPassword /p AppId=xxx /p Query="Safe=xxx;Folder=Root;Object=xxx" /p Reaseon="test"
I don't understand what means path in this context?
How can I resolve problem, what could be wrong in my script?
Script is executed in application by creating new process
Process.Start("script.bat"); // Error about path from CyberArk
There has to be entered absolute path
Process.Start("c:\\app\\script.bat"); // works
I deployed a website in https://pokegotool.azurewebsites.net.
However, when I use a browser to access it and read the browser console, it told that the "Content/pre-css/styles.less" file is inaccessible (error code 404).
I build the web site locally in IIS and it had no such problem as the file is loaded successfully. I am sure that the file exists in Azure deployment place.
This URL is ZIP archived project: https://www.mediafire.com/file/i6745pz5j43cw2z/RangeGen.zip/file
Feel free to use it.
Is this an error from Azure or from my project itself? How could I fix it?
I have deployed your project and met the same issue . Basically , it is due to that Azure app service IIS server have not mapped correct MIME type for .less files by default.
To solve this issue , just adding a map record in your web.config file as below :
<system.webServer>
<staticContent>
<mimeMap fileExtension=".less" mimeType="text/plain" />
</staticContent>
</system.webServer>
It works on my app service , try it here : https://rangegen20190902101335.azurewebsites.net/Content/pre-css/styles.less
Pls mark me if it solves your issue : )
I have code coverage enabled on TFS 2013. I work with MSBuild.SonarQube.Runner 1.0.1. When I run the End phase of the Analysis. I get the following error messages:
11:36:00.269 Failed to convert the downloaded code coverage tool to XML. No code coverage information will be uploaded to SonarQube.<br/>
Check that the downloaded code coverage file (C:\Builds\39\[product name]\System_Main_Release_Code_Analysis\.sonarqube\out\VSCodeCoverageReport.coverage) is valid by opening it in Visual Studio. If it is not, check that the internet security settings on the build machine allow files to be downloaded from the Team Foundation Server machine.
Post-processing failed. Exit code: 1
An error occurred while copying diagnostic activity logs to the drop location. Details: Forbidden
On the build server there is no VSCodeCoverageReport.coverage file - at least not at the indicated location and with that name. However, when I click on (Coverage Results) in the TFS Build summary, a coverage file is downloaded that opens up in Visual Studio in the Code Coverage Results Window.
What could be the issue?
The problem is solved.
The proxy settings on the build agent had changed. This resulted in http requests to the TFS server or any local addresses to fail.
It was particularly challanging to figure out, because the Agent build log that tells you all the details of a build is the file that could not be transferred to the drop location. So I used ProcMon from Sysinternals with File monitor enabled during a build. A comparison between a successful build in the past and a current failed build showed me which file was missing (the agent log file). A search in ProcMon for this file revealed where that file was located on the build agent. The Agent Log file contained the Downloading coverage file from {0} to {1} line Dinesh was looking for in his attempt to help me. That http address pasted into a browser showed an "Access denied" message.
From there it was a logical step to analyse the Proxy settings. What finally solved it was to check "Bypass proxy server for local addresses" in the Local Area Network (LAN) Settings"
I just registered at AWS services (micro, free) and trying to deploy asp.net mvc 4 application.
Everything is working fine, web application deployed and running (the web part, database, etc), but when i am trying to write to filesystem (for example, when i`m saving a file), i'm gettig an exception
System.UnauthorizedAccessException: Access to the path
'C:\inetpub\wwwroot.logs\xxx.log
The folder "C:\inetpub\wwwroot\.logs" exists.
I tried to grant a permission to folder to DefaultAppPool using commands.
I have following web project structure:
WebHost
.ebextensions
aws.config
aws.cofig has following content:
container_commands:
01-logscreate:
command: "mkdir C:\inetpub\wwwroot\.logs > create-logs.log"
cwd: "C:/inetpub/wwwroot/.ebextensions"
01-logspermission:
command: "icacls \"C:/inetpub/wwwroot/.logs\" /grant DefaultAppPool:(OI) (CI) > p-logs.log"
cwd: "C:/inetpub/wwwroot/.ebextensions"
When i accessing the file, i resolving the full path using
HostingEnvironment.MapPath("~/.logs/xxx.log")
But when i trying to write to this file, a get an exception.
Relative path of '.ebextensions' in deployment package is
Content\D_C.git\udsmonitoring.app\WebHost\obj\Debug\Package\PackageTmp\.ebextensions
Thanx in advance
The app pool that gets deployed runs with limited permissions. It doesn't have access to write to that directory.
Further, you really shouldn't need to be writing logs to the instance file system itself. These instances are transient. If you need a logging solution, consider using CloudWatch or LogEntries. Both probably fit into your existing code base with only a config file change required. In general, if what you're doing ends up with you needing to remote into the EC2 instance to do or see something, consider taking an alternate approach.
Finally, if you really do have a need to write to that directory from within the context of your app, you can add a command in your ebextensions that uses appcmd to set the app pool identity to one with greater privileges...or have a command that sets the directory permissions explicitly.
I'm trying to encrypt the connection strings in my web.config. I'm following the instructions from Walkthrough: Creating and Exporting an RSA Key Container. However, when I get to the part with the command:
aspnet_regiis -pe "connectionStrings" -app "/MyApplication" -prov "MyProvider"
it keeps complaining:
"The configuration for the virtual path '/MyApplication' and site 'Default Web Site' cannot be opened
Failed to map the path '/myapplication'
Failed!
I'm fairly sure I've followed the instructions correctly. I created the project named 'MyApplication' directly in the 'C:' root.
Any ideas? Perhaps I should be following a different set of instructions?
Thanks for your answers. Turned out I needed to run the command prompt as "Administrator"
Did you add the MyApplication folder as a virtual directory in IIS under the default web site? That seems to be what it's looking for, not a folder path...
According to this MSDN post, you can use -site to define the site to target. An excerpt from that site:
Use the –app option to identify the application for which the
Web.config file will be encrypted and the -site option to identify
which Web site the application is a part of. The Web site is
identified using the site number from the Internet Information
Services (IIS) metabase. You can retrieve the site number from the
INSTANCE_META_PATH server variable in the ServerVariables collection.
For example, when IIS is installed, a Web site named "Default Web
Site" is created as site 1. In pages served from that site, the
INSTANCE_META_PATH server variable returns "/LM/W3SVC/1". If you do
not specify a -site option, site 1 is used.
/MyApplication is a virtual path and the message seems to indicate that path is not available i.e. there is no http://localhost/MyApplication. Did you forget to create virtual directory for your app in IIS?