No ratings

K2 4.7 Certificate Error during Blackpearl configuration analysis


K2 4.7 Certificate Error during Blackpearl configuration analysis

This article was created in response to a support issue logged with K2. The content may include typographical errors and may be revised at any time without notice. This article is not considered official documentation for K2 software and is provided "as is" with no warranties.
This article has been archived, and/or refers to legacy products, components or features. The content in this article is offered "as is" and will no longer be updated. Archived content is provided for reference purposes only. This content does not infer that the product, component or feature is supported, or that the product, component or feature will continue to function as described herein.


When upgrading from 4.6.11 to 4.7, a certificate key error appears during post configuration analysis.

"Certificates.AddAccessToCertificate: 12:37:48:>> Add private key access to cert for user: Domain\k2_service_account_name and Domain\k2_web_app_pool Find certificate: 932XXXXX9F96C7413C7702EXXXXXX in store My Logged Error: Could not set key access: System.NullReferenceException: Object reference not set to an instance of an object."


The accounts don't have rights to read/access K2 self-signed certificates' private key during the initial upgrade.

Troubleshooting Steps

1. Search in the certificate stores in the MMC for the complained thumbprint.

2. Make sure that it exists in the Personal/Trust Root Certification…/Intermediate Certification stores.

3. Right click on the certificate and select All Tasks > Manage Private Keys and give the above K2 service account/K2 web-app pool accounts Full control over it.

Alternatively, you can give Everyone with Full Control to private key.

4. Run K2 Blackpearl SetupManager and select reconfigure K2 components.

Labels: (2)
Version history
Last update:
‎03-15-2022 04:50 AM
Updated by: