I am trying to get OpenID authentication to work in my Azure ASP.NET MVC 3 application and followed the steps in MVC 3 Custom Login Sample to do this. Everything works fine in a development environment, but not when deployed on an Azure platform.
The first problem started with the authentication that caused the error "The key is not valid for use in the specified state . " The discussion here indicates that the application must be configured to use RsaEncryptionCookieTransform instead of the default DPAPI. To try to solve this problem, I added the code OnServiceConfigurationCreateddescribed in Alik Levin’s blog , but I didn’t go further, because it describes how to configure a self-signed certificate in development (which, as already mentioned, was not necessary), and not in Azure.
Instead of this approach, I tried to use the X.509 certificate already in Azure. I found a fingerprint in Windows Azure Management> Access Control Service> Third-Party Application Applications> (My Application Name)> Token Signing Certificates> Used for Service Names (X.509 Certificate) . Then I added this link in web.config:
<serviceCertificate>
<certificateReference x509FindType="FindByThumbprint" findValue="8A417..." />
</serviceCertificate>
Now I get a configuration error when starting the application:
ID1024: The configuration property value is not valid.
Property name: 'certificateReference'
Error: 'ID1025: Cannot find a unique certificate that matches the criteria.
StoreName: 'My'
StoreLocation: 'LocalMachine'
X509FindType: 'FindByThumbprint'
FindValue: '8A417 ...' '
" "? , X.509 Azure cookie?