This last weekend we migrated from CLM to FIM CM 2010. There were a few challenges along the way, but all-in-all, the process went well.
One issue that had us stuck for a while was issuing certificates via the Web UI. The page would just crash and the standard ASP.NET Custom Error page was displayed.
Looking in the Event Log on the server, FIM CM was kind enough to provide the Stack Trace:
Message:Exception of type 'System.Web.HttpUnhandledException' was thrown.
Type:System.Web.HttpUnhandledException
Source:System.Web
Stack Trace: at System.Web.UI.Page.HandleError(Exception e)
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
at System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
at System.Web.UI.Page.ProcessRequest()
at System.Web.UI.Page.ProcessRequest(HttpContext context)
at ASP.content_common_requests_displayrequeststatus_aspx.ProcessRequest(HttpContext context) in c:\Windows\Microsoft.NET\Framework64\v2.0.50727\Temporary ASP.NET Files\certificateservices\968a37bb\a2c21b4b\App_Web_0rr2yso4.5.cs:line 0
at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
Inner Exception:Message:Data at the root level is invalid. Line 1, position 1.
Type:System.Xml.XmlException
Source:System.Xml
Stack Trace: at System.Xml.XmlTextReaderImpl.Throw(Exception e)
at System.Xml.XmlTextReaderImpl.ParseRootLevelWhitespace()
at System.Xml.XmlTextReaderImpl.ParseDocumentContent()
at System.Xml.XmlLoader.Load(XmlDocument doc, XmlReader reader, Boolean preserveWhitespace)
at System.Xml.XmlDocument.Load(XmlReader reader)
at System.Xml.XmlDocument.LoadXml(String xml)
at Microsoft.Clm.BusinessLayer.DataEncryption.DecryptUsingAES(String encryptedDataBlob, X509Certificate2 certificateToUse)
at Microsoft.Clm.BusinessLayer.DataEncryption.Decrypt(String encrypted)
at Microsoft.Clm.BusinessLayer.DefaultSecretProvider.ReadXml(String xml)
at Microsoft.Clm.BusinessLayer.DefaultSecretProvider.GetSecrets(Request request)
at Microsoft.Clm.BusinessLayer.SecretsUtility.GetNumberOfSecrets(UserProfile profileTemplate, Request clmRequest)
at Microsoft.Clm.BusinessLayer.CheckClmOperations.CanCurrentUserDistributeSecretsOnClmRequest(UserProfile profileTemplate, Request clmRequest)
at Microsoft.Clm.Web.Modules.OneTimePasswordUserControl.Page_Load(Object sender, EventArgs e)
at System.Web.UI.Control.OnLoad(EventArgs e)
at System.Web.UI.Control.LoadRecursive()
at System.Web.UI.Control.LoadRecursive()
at System.Web.UI.Control.LoadRecursive()
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
What is this all about? Inner Exception:Message:Data at the root level is invalid. Line 1, position 1.
After a great deal of googling, the error was in fact that a service installed on the FIM CM Server named ‘CNG Key Isolation’ was not started. To resole the issue, simply start the service and change the start-up type to Automatic for the future.
I hope this saves you some searching time in the future.
You can read more about this issue here:
SILK SPUN 
Leave a comment