From 5478190fccb0c6974d2b24d364de630d081f3c7e Mon Sep 17 00:00:00 2001
From: Anders Abel <anders@duendesoftware.com>
Date: Wed, 20 Mar 2024 12:56:42 +0100
Subject: [PATCH] Exception type is updated from .NET 7 and up

---
 .../Services/Default/KeyManagement/X509KeyContainer.cs          | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/IdentityServer/Services/Default/KeyManagement/X509KeyContainer.cs b/src/IdentityServer/Services/Default/KeyManagement/X509KeyContainer.cs
index df7a5cbb6..aca58482d 100644
--- a/src/IdentityServer/Services/Default/KeyManagement/X509KeyContainer.cs
+++ b/src/IdentityServer/Services/Default/KeyManagement/X509KeyContainer.cs
@@ -100,7 +100,7 @@ public override AsymmetricSecurityKey ToSecurityKey()
                 // handling this as it typically means the user profile is not loaded, and this is about the best way to detect this.
                 // when the user profile is not loaded, using X509KeyStorageFlags.MachineKeySet is the only way for this to work on windows.
                 // https://stackoverflow.com/questions/52750160/what-is-the-rationale-for-all-the-different-x509keystorageflags/52840537#52840537
-                catch (Exception ex) when (ex.GetType().Name == "WindowsCryptographicException")
+                catch (CryptographicException ex) when (ex.HResult == unchecked((int)0x80070002)) // File not found
                 {
                     _cert = new X509Certificate2(Convert.FromBase64String(CertificateRawData), (string) null, X509KeyStorageFlags.MachineKeySet);
                 }