This article was created in response to a support issue logged with K2. The content may include typographical errors and may be revised at any time without notice This article is not considered official documentation for K2 software and is provided "as is" with no warranties.
When upgrading from 4.6.11 to 4.7, a certificate key error appears during post configuration analysis.
"Certificates.AddAccessToCertificate: 12:37:48:>> Add private key access to cert for user: Domain\k2_service_account_name and Domain\k2_web_app_pool Find certificate: 932XXXXX9F96C7413C7702EXXXXXX in store My Logged Error: Could not set key access: System.NullReferenceException: Object reference not set to an instance of an object."
The accounts don't have rights to read/access K2 self-signed certificates' private key during the initial upgrade.
1. Search in the certificate stores in the MMC for the complained thumbprint.
2. Make sure that it exists in the Personal/Trust Root Certification…/Intermediate Certification stores.
3. Right click on the certificate and select All Tasks > Manage Private Keys and give the above K2 service account/K2 web-app pool accounts Full control over it.
Alternatively, you can give Everyone with Full Control to private key.
4. Run K2 Blackpearl SetupManager and select reconfigure K2 components.