##[error]Unhandled exception. Internal.Cryptography.CryptoThrowHelper+WindowsCryptographicException: There are no more endpoints available from the endpoint mapper.

[Etele85]

Hello!

Does anybody familiar with this issue? We are trying to sign files via retrieveing certificate keyvault and sometimes this error printed. 8 tries from 10 end well, but sometimes it does happen. Tool exists with successful signing in this case unfortunately.

2024-02-07T21:16:13.5534657Z Signing "Removed intentionally".exe...
2024-02-07T21:16:14.6074884Z trce: AzureSignTool.SignCommand[0]
2024-02-07T21:16:14.6083084Z Retrieving certificate "Removed intentionally"
2024-02-07T21:16:15.1892671Z trce: AzureSignTool.SignCommand[0]
2024-02-07T21:16:15.1902012Z Retrieved certificate"Removed intentionally"
2024-02-07T21:16:15.1909683Z trce: AzureSignTool.SignCommand[0]
2024-02-07T21:16:15.1917771Z Creating context
2024-02-07T21:16:17.3294299Z ##[error]Unhandled exception. Internal.Cryptography.CryptoThrowHelper+WindowsCryptographicException: There are no more endpoints available from the endpoint mapper.
at Internal.Cryptography.Helpers.OpenStorageProvider(CngProvider provider)
at System.Security.Cryptography.CngKey.Import(ReadOnlySpan1 keyBlob, String curveName, CngKeyBlobFormat format, CngProvider provider) at System.Security.Cryptography.CngKey.Import(Byte[] keyBlob, String curveName, CngKeyBlobFormat format, CngProvider provider) at System.Security.Cryptography.CngKey.Import(Byte[] keyBlob, CngKeyBlobFormat format) at Internal.Cryptography.Pal.X509Pal.DecodePublicKey(Oid oid, Byte[] encodedKeyValue, Byte[] encodedParameters, ICertificatePal certificatePal) at Internal.Cryptography.Pal.CertificateExtensionsCommon.GetPublicKey[T](X509Certificate2 certificate, Predicate1 matchesConstraints)
at System.Security.Cryptography.X509Certificates.RSACertificateExtensions.GetRSAPublicKey(X509Certificate2 certificate)
at RSAKeyVaultProvider.KeyVaultContext..ctor(TokenCredential credential, Uri keyId, X509Certificate2 publicCertificate) in //RSAKeyVaultProvider/KeyVaultContext.cs:line 51
at RSAKeyVaultProvider.RSAFactory.Create(TokenCredential credential, Uri keyId, X509Certificate2 publicCertificate) in //RSAKeyVaultProvider/RSAKeyVaultExtensions.cs:line 66
at AzureSignTool.SignCommand.OnExecuteAsync(CommandLineApplication app, IConsole console) in //src/AzureSignTool/SignCommand.cs:line 284
at McMaster.Extensions.CommandLineUtils.Conventions.ExecuteMethodConvention.InvokeAsync(MethodInfo method, Object instance, Object[] arguments)
at McMaster.Extensions.CommandLineUtils.Conventions.ExecuteMethodConvention.OnExecute(ConventionContext context, CancellationToken cancellationToken)
at McMaster.Extensions.CommandLineUtils.Conventions.ExecuteMethodConvention.<>c__DisplayClass0_0.<b__0>d.MoveNext()
--- End of stack trace from previous location ---
at McMaster.Extensions.CommandLineUtils.CommandLineApplication.ExecuteAsync(String[] args, CancellationToken cancellationToken)
at McMaster.Extensions.CommandLineUtils.CommandLineApplication.Execute(String[] args)
at AzureSignTool.Program.Main(String[] args) in //src/AzureSignTool/Program.cs:line 26
2024-02-07T21:16:17.3302719Z Signing of "Removed intentionally" .exe succeeded.
2024-02-07T21:16:17.3302963Z SignWithCertificateAzure script is finished

[vcsjones]

This issue has been plaguing .NET and it isn't very well understand. It is likely do to low system resource availability.

Are you signing a bunch of files at once? If so, you might try reducing the amount of parallelism used.

[Etele85]

We are signing 5 or 10 files at that time, I won't say it as a bunch of files. Retrying the signing if failed 5 times.
Issue comes and goes, right now we did not had it in the last week, but before that it was happening daily multiple times for a short time. It is happening randomly like this.Couldn't understand what is triggereing it either and why it goes away.