First off a bit of background; We have IIS10 running on Windows Server 2016, and we have a SQL db containing columns encrypted with Always Encrypted on a separate SQL server running 2016. The application in question is ASP MVC in C#.NET using a connection string through Linq containing the Column Encryption Setting=Enabled parameter. The private key sits in the Personal certificate dir for iis apppool\defaultapppool and is also placed in the local machine with access rights provided to the app pool.
I've established that the data is decrypted when the site is accessed by my machine (where the key was created from), and then works on every other connection. However after a few minutes without a connection from my machine, the other users will get the error about the certificate not existing.
I currently have a scheduled task running every three minutes to load the site in chrome to keep it alive, but I would like a permanent solution.
Any ideas?