I'm using This GoogleJsonWebToken class to generate an access token to be used with json calls to the Google Calendar API. It works perfectly fine in IIS Express on my dev machine when I use the following (using my actual service account email):

string p12Path = HttpContext.Current.Server.MapPath("~/App_Data/certificate.p12"); var auth = GoogleJsonWebToken.GetAccessToken("uniquestring@developer.gserviceaccount.com", p12Path, "https://www.googleapis.com/auth/calendar"); string Token = auth["access_token"];

To test this I'm just calling @Token in my cshtml razor view. When I publish this to my Azure website it doesn't work. If i leave the GoogleJsonWebToken class unmodified I get a very unhelpful 502 - Web server received an invalid response while acting as a gateway or proxy server. with no other information.

After some Google searches I found this SO post which is a similar problem. So I tried their solution I get System.Security.Cryptography.CryptographicException: The system cannot find the file specified. when that is run from my Azure Website. When it is run from my dev machine I get System.Net.WebException: The remote server returned an error: (400) Bad Request. which I think is because with that solution the CspKeyContainerInfo.KeyContainerName is null whereas the original unmodified class when run on my dev machine gives me something like {C0E26DC5-5D2C-4C77-8E40-79560F519588} which is randomly generated each time and this value is used in the process of signing the signature.

I then found this SO post but that solution yielded the same results as the last solution.

I have also tried most of the different combinations of X509KeyStorageFlags to no avail.