10.5 Folder Permissions - MachineKeys

During installation of Verify Privilege Manager 10.5 (or an upgrade from prior versions) Verify Privilege Manager attempts to create a new self-signed certificate for internal use. If permissions on the folder %ProgramData%\Microsoft\Crypto\RSA\MachineKeys are incorrect, the install fails with a cryptographic exception and the text Access Denied.

Follow the steps below to add Everyone (Read, Write, This Folder Only) permissions to %ProgramData%\Microsoft\Crypto\RSA\MachineKeys.

  1. Browse to %ProgramData%\Microsoft\Crypto\RSA\MachineKeys.

  2. Right-click on the folder and select Properties.

  3. Select the Security tab and click the Advanced button.

  4. On the Permissions tTab, click the Change permissions button. (If you are already running as an administrator, you may not need this step.)

  5. On the Permissions Tab, click Add.

  6. On the next dialog, click the Select a principal link.

  7. In the Enter the object name to select field, type Everyone and click OK.

  8. You will see the dialog shown below, select This folder only and Read and Write.

    Permission Entry for MachineKeys

  9. Click OK to add the entry.

  10. Click Apply to apply the changes.

  11. Navigate back to the Verify Privilege Manager Setup page and select the repair option for the Verify Privilege Manager Server Core Solution.