RSA Encryption Failure in D365FO Prod – KeyNotFoundException #Important

public static str encryptWithPublicKey(str jsonPayload, str publicKeyXml)
{
    System.Exception     netException;
    System.Security.Cryptography.RSACryptoServiceProvider rsa;
    System.Text.Encoding encoding;
    System.Byte[]        payloadBytes;
    System.Byte[]        encryptedBytes;
    str                  base64Encrypted;

    try
    {
        // Load the RSA public key from its XML representation
        rsa = new System.Security.Cryptography.RSACryptoServiceProvider();
        rsa.FromXmlString(publicKeyXml);

        // Convert the JSON payload to UTF-8 bytes
        encoding = System.Text.Encoding::get_UTF8();
        payloadBytes = encoding.GetBytes(jsonPayload);

        // Encrypt; false selects PKCS#1 v1.5 padding (true would select OAEP)
        encryptedBytes = rsa.Encrypt(payloadBytes, false);

        // Return the ciphertext as Base64 text
        base64Encrypted = System.Convert::ToBase64String(encryptedBytes);
    }
    catch (netException)
    {
        // ToString() includes the exception type, message and stack trace
        error(strFmt("Encryption failed: %1", netException.ToString()));
        return "";
    }

    return base64Encrypted;
}

Hello,

I am implementing RSA encryption of JSON data in D365FO using a public key extracted from a .pem file.

The solution works correctly in UAT and Performance, but fails in Production with the following error during batch execution:

The given key was not present in the dictionary
Batch task failed: KeyNotFoundException

Initially, the public key was read from Azure Key Vault. To rule this out, I moved the key to a table memo field, but the same error occurs in Production only.

Since the code and configuration are identical across environments, I suspect a production-specific issue related to encryption handling, batch execution context or security (not aware if there is).

Any guidance on resolving this would be appreciated.

Regards,
Ayushaman

It seems that you don’t know yet where the exception is thrown, and addressing an unknown problem is naturally very difficult.

You can use Monitoring and telemetry to log exceptions, including the stack trace, into Application Insights.

Hi,
Thanks for your insights. No, exactly, because when I run a job it throws the same error continuously in production. I haven’t checked Application Insights from Azure as I am not aware of exactly how to do it. Can you tell me some blog or guide me? That would be very helpful for me.
Thanks,
Ayushaman

If you don’t use the Monitoring and telemetry features, check if you can’t find the error in LCS. Open details of the production environment, click Environment monitoring (at the bottom), switch to Activity tab, select All error events as the query, set a time range and run the search.

You can find the documentation and blog posts about Monitoring and telemetry by simply putting the feature name into a search engine. For instance, here is the documentation: Monitoring and telemetry overview.


Hi Martin,
Thanks for the recommendation. I checked and then found out that the third-party APIs that I am using are sending me an invalid request, and because of that my parsed variable remained null or blank, which gave the error. My D365 version is 44, which doesn’t have telemetry or has not configured it, last time I checked. Once my infra team has upgraded, I will make sure telemetry is enabled. I appreciate your suggestion.
Thanks,
Ayushaman

The feature existed already in 10.0.31; I think it was introduced there.

You indeed need to enable and configure it, but you don’t need to wait for 10.0.45.