I get this error when trying to issue a certificate and smart card for the users. FIM CM was unable to decrypt necessary data. And getting these errors in the logs Event code: 3005 Event message: An unhandled exception has occurred. Event time: 10/24/2012 8:13:03 PM Event time (UTC): 10/24/2012 4:13:03 PM Event ID: a2631ed93a2249f6945ec23313077092 Event sequence: 20 Event occurrence: 1 Event detail code: 0 Application information: Application domain: /LM/W3SVC/1/ROOT/CertificateManagement-1-129955686128295829 Trust level: Full Application Virtual Path: /CertificateManagement Application Path: C:\Program Files\Microsoft Forefront Identity Manager\2010\Certificate Management\web\ Machine name: FIM Process information: Process ID: 2580 Process name: w3wp.exe Account name: Domain\clmWebPool Exception information: Exception type: CryptographicException Exception message: FIM CM was unable to decrypt necessary data. Request information: Request URL: http://fim/CertificateManagement/content/common/requests/DisplayRequestStatus.aspx?ID=4f7f1727c361462197a918be0545b3e1 Request path: /CertificateManagement/content/common/requests/DisplayRequestStatus.aspx User host address: 192.168.1.25 User: Domain\user Is authenticated: True Authentication Type: Negotiate Thread account name: Domain\clmWebPool Thread information: Thread ID: 8 Thread account name: Domain\clmWebPool Is impersonating: False Stack trace: at Microsoft.Clm.BusinessLayer.DataEncryption.DecryptUsingAES(String encryptedDataBlob) at Microsoft.Clm.BusinessLayer.DataEncryption.Decrypt(String encrypted) at Microsoft.Clm.BusinessLayer.DefaultSecretProvider.ReadXml(String xml) at Microsoft.Clm.BusinessLayer.DefaultSecretProvider.GetSecrets(Request request) at Microsoft.Clm.BusinessLayer.SecretsUtility.GetNumberOfSecrets(UserProfile profileTemplate, Request clmRequest) at Microsoft.Clm.BusinessLayer.CheckClmOperations.CanCurrentUserDistributeSecretsOnClmRequest(UserProfile profileTemplate, Request clmRequest) at Microsoft.Clm.Web.Modules.OneTimePasswordUserControl.Page_Load(Object sender, EventArgs e) at System.Web.UI.Control.OnLoad(EventArgs e) at System.Web.UI.Control.LoadRecursive() at System.Web.UI.Control.LoadRecursive() at System.Web.UI.Control.LoadRecursive() at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) Custom event details:

On Wed, 24 Oct 2012 16:23:30 +0000, Sandadze wrote: I get this error when trying to issue a certificate and smart card for the users. FIM CM was unable to decrypt necessary data. And getting these errors in the logs Has this been working in the past? If so, how long has it been since you set up FIM CM? Could one or more of the agent certificates have expired? Paul Adare MVP - Forefront Identity Manager http://www.identit.ca Don't hit the keys so hard, it hurts.

I have set FIM CM yesterday and was working perfectly. Today I got that error. How can I check the certificates? Never mind. I have created new Templates for the Agents, reconfigure the FIM CM and it came back. Thanks for your help!!!