We are using an AWS EC2 Windows AMI to do our builds from a Jenkins job using the ec2-plugin.
Our libraries use the Windows Cryptography API: Next Generation (NG) (DPAPI) to protect sensitive data from C# and C++ components.
Our builds succeed without any issue, but our unit test trying to use this API in the AMI instance keeps on failing. On the C# side we get the following exception (almost the same on C++ side):
Access is denied.
Source: System.Security
HRESULT: -
2147024891Stack:
at System.Security.Cryptography.ProtectedData.Protect(Byte[] userData, Byte[] optionalEntropy, DataProtectionScope scope)
We could get the Unit Tests passing with PsExec, but the output is lost and the step that normally takes about 20 minutes now takes more than 4 hours.
From some reading up it seems like the WinRM connection is the cause of the issue, the PsExec seems to verify that.
Is there a way to configure or set up the AMI + plugin to allow us to use the DPAPI inside the AMI for the unit tests (Without having to use an external tool like PsExec)?
Regards,
Carel