I am trying to HTTPS connect my gRPC client and service, both running under .Net 5 on my local Windows 10 machine. Now I am getting this certificate error and not sure how to fix it:
Status(StatusCode=\"Internal\", Detail=\"Error starting gRPC call.
HttpRequestException: The SSL connection could not be established, see inner exception.
AuthenticationException: The remote certificate is invalid because of errors in the certificate chain: UntrustedRoot\", DebugException=\"System.Net.Http.HttpRequestException: The SSL connection could not be established, see inner exception.\r\n
---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid because of errors in the certificate chain: UntrustedRoot\r\n at System.Net.Security.SslStream.SendAuthResetSignal(ProtocolToken message, ExceptionDispatchInfo exception)\r\n at System.Net.Security.SslStream.ForceAuthenticationAsync[TIOAdapter](TIOAdapter adapter, Boolean receiveFirst, Byte[] reAuthenticationData, Boolean isApm)\r\n at System.Net.Http.ConnectHelper.EstablishSslConnectionAsyncCore(Boolean async, Stream stream, SslClientAuthenticationOptions sslOptions, CancellationToken cancellationToken)\r\n --- End of inner exception stack trace ---\r\n at System.Net.Http.ConnectHelper.EstablishSslConnectionAsyncCore(Boolean async, Stream stream, SslClientAuthenticationOptions sslOptions, CancellationToken cancellationToken)\r\n at System.Net.Http.HttpConnectionPool.ConnectAsync(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken)\r\n at System.Net.Http.HttpConnectionPool.GetHttp2ConnectionAsync(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken)\r\n at System.Net.Http.HttpConnectionPool.SendWithRetryAsync(HttpRequestMessage request, Boolean async, Boolean doRequestAuth, CancellationToken cancellationToken)\r\n at System.Net.Http.RedirectHandler.SendAsync(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken)\r\n at Grpc.Net.Client.Internal.GrpcCall`2.RunCall(HttpRequestMessage request, Nullable`1 timeout)\")
I tried to install a dev certificate by running the commend below, but it seems one have already exist:
And it appears that I have this cert under both of my Personal and Trusted Root stores
I do noticed however, that the cert exists in my stores is "IIS Express Development Certificate", instead of "ASP.NET Core HTTPS development certificate". Dose that matter? If so, how do I get the correct cert installed? If not, what else am I missing?
In case anyone interested - in my case, this was caused by the fact that gRPC hosting is not supported by IIS under my current build level of Windows. While I was waiting for MS to complete a solution, I just added the following to my gRPC client side:
var httpHandler = new HttpClientHandler();
httpHandler.ServerCertificateCustomValidationCallback = HttpClientHandler.DangerousAcceptAnyServerCertificateValidator;
var channel = GrpcChannel.ForAddress(ServerAddress, new GrpcChannelOptions { HttpHandler = httpHandler });
As you can see, this code is TEMPERARY and not meant for production. Microsoft has recently said that the support has been included in the operation system's build 20241 or later, which I am planning to test in the coming weeks.
Related
We have an application that is installed on a clients machine. There is 1 website, 10 API's and the identityServer. Users can log in but the process fails when the web tries to load. The API logs are as follows
**System.InvalidOperationException: IDX20803: Unable to obtain configuration from: 'https://***.****.com:8091/.well-known/openid-configuration'. ---> System.IO.IOException: IDX20804: Unable to retrieve document from: 'https://***********:8091/.well-known/openid-configuration'. ---> System.Net.Http.HttpRequestException: The SSL connection could not be established, see inner exception. ---> System.IO.IOException: Unable to read data from the transport connection: An existing connection was forcibly closed by the remote host. ---> System.Net.Sockets.SocketException: An existing connection was forcibly closed by the remote host
--- End of inner exception stack trace ---
at System.Net.Sockets.Socket.AwaitableSocketAsyncEventArgs.ThrowException(SocketError error)
at System.Net.Sockets.Socket.AwaitableSocketAsyncEventArgs.GetResult(Int16 token)
at System.Net.FixedSizeReader.ReadPacketAsync(Stream transport, AsyncProtocolRequest request)
at System.Net.Security.SslState.ThrowIfExceptional()
at System.Net.Security.SslState.InternalEndProcessAuthentication(LazyAsyncResult lazyResult)
at System.Net.Security.SslState.EndProcessAuthentication(IAsyncResult result)
at System.Net.Security.SslStream.EndAuthenticateAsClient(IAsyncResult asyncResult)
at System.Net.Security.SslStream.<>c.<AuthenticateAsClientAsync>b__47_1(IAsyncResult iar)
at System.Threading.Tasks.TaskFactory`1.FromAsyncCoreLogic(IAsyncResult iar, Func`2 endFunction, Action`1 endAction, Task`1 promise, Boolean requiresSynchronization)
--- End of stack trace from previous location where exception was thrown ---
at System.Net.Http.ConnectHelper.EstablishSslConnectionAsyncCore(Stream stream, SslClientAuthenticationOptions sslOptions, CancellationToken cancellationToken)
--- End of inner exception stack trace ---
at System.Net.Http.ConnectHelper.EstablishSslConnectionAsyncCore(Stream stream, SslClientAuthenticationOptions sslOptions, CancellationToken cancellationToken)
at System.Threading.Tasks.ValueTask`1.get_Result()
at System.Net.Http.HttpConnectionPool.CreateConnectionAsync(HttpRequestMessage request, CancellationToken cancellationToken)
at System.Threading.Tasks.ValueTask`1.get_Result()
at System.Net.Http.HttpConnectionPool.WaitForCreatedConnectionAsync(ValueTask`1 creationTask)
at System.Threading.Tasks.ValueTask`1.get_Result()
at System.Net.Http.HttpConnectionPool.SendWithRetryAsync(HttpRequestMessage request, Boolean doRequestAuth, CancellationToken cancellationToken)
at System.Net.Http.RedirectHandler.SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)
at System.Net.Http.HttpClient.FinishSendAsyncBuffered(Task`1 sendTask, HttpRequestMessage request, CancellationTokenSource cts, Boolean disposeCts)
at Microsoft.IdentityModel.Protocols.HttpDocumentRetriever.GetDocumentAsync(String address, CancellationToken cancel)
--- End of inner exception stack trace ---
at Microsoft.IdentityModel.Protocols.HttpDocumentRetriever.GetDocumentAsync(String address, CancellationToken cancel)
at Microsoft.IdentityModel.Protocols.OpenIdConnect.OpenIdConnectConfigurationRetriever.GetAsync(String address, IDocumentRetriever retriever, CancellationToken cancel)
at Microsoft.IdentityModel.Protocols.ConfigurationManager`1.GetConfigurationAsync(CancellationToken cancel)
--- End of inner exception stack trace ---
at Microsoft.IdentityModel.Protocols.ConfigurationManager`1.GetConfigurationAsync(CancellationToken cancel)
at Microsoft.AspNetCore.Authentication.JwtBearer.JwtBearerHandler.HandleAuthenticateAsync()**
The application is installed on IIS under 12 websites. Each website shares the same internal URL but with different ports. We can get the identity server configuration by browsing to the url but the APIs cannot seem to do the same.
Any help is greatly appreciated
This is HTTPS issue as mentioned in comments as well.
You need to create 2 certificates to fix this. One for SSL and the other for signing. Use the SSL certificate to set up SSL on your local IIS. Although the SSL certificate won’t be trusted until you configure the cert as trusted on the client machine.
To create these self-signed certificates you can use makecert scripts. All parameters to create these two certificates should match except the CN (common name) parameter. For the SSL cert this must match the host name. For signing it’s just a unique name.
You can read more here and here
I am working with a Blazor wasm project. I have been trying to start the debugger browser dev tools with blazor and i keep getting an error
I hit
Debugging hotkey: Shift+Alt+D (when application has focus)
Which gives me
Unable to find debuggable browser tab
Could not get a list of browser tabs from http://localhost:9222/json. Ensure Chrome is running with debugging enabled.
Resolution
Close all Chrome instances, then press Win+R and enter the following:
"%programfiles(x86)%\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9222 http://localhost:52878/
... then use that new tab for debugging.
Underlying exception: System.Net.Http.HttpRequestException: No
connection could be made because the target machine actively refused
it. ---> System.Net.Sockets.SocketException (10061): No connection
could be made because the target machine actively refused it. at
System.Net.Http.ConnectHelper.ConnectAsync(String host, Int32 port,
CancellationToken cancellationToken) --- End of inner exception
stack trace --- at
System.Net.Http.ConnectHelper.ConnectAsync(String host, Int32 port,
CancellationToken cancellationToken) at
System.Net.Http.HttpConnectionPool.ConnectAsync(HttpRequestMessage
request, Boolean allowHttp2, CancellationToken cancellationToken)
at
System.Net.Http.HttpConnectionPool.CreateHttp11ConnectionAsync(HttpRequestMessage
request, CancellationToken cancellationToken) at
System.Net.Http.HttpConnectionPool.GetHttpConnectionAsync(HttpRequestMessage
request, CancellationToken cancellationToken) at
System.Net.Http.HttpConnectionPool.SendWithRetryAsync(HttpRequestMessage
request, Boolean doRequestAuth, CancellationToken cancellationToken)
at System.Net.Http.RedirectHandler.SendAsync(HttpRequestMessage
request, CancellationToken cancellationToken) at
System.Net.Http.DiagnosticsHandler.SendAsync(HttpRequestMessage
request, CancellationToken cancellationToken) at
System.Net.Http.HttpClient.FinishSendAsyncUnbuffered(Task1 sendTask,
HttpRequestMessage request, CancellationTokenSource cts, Boolean
disposeCts) at System.Net.Http.HttpClient.GetStringAsyncCore(Task1
getTask) at
Microsoft.AspNetCore.Builder.BlazorMonoDebugProxyAppBuilderExtensions.GetOpenedBrowserTabs(String
debuggerHost) at
Microsoft.AspNetCore.Builder.BlazorMonoDebugProxyAppBuilderExtensions.DebugHome(HttpContext
context)
I shut down all chome browser and run the command instructed but it doesnt help i get the same error
I suspect the issue is related to the fact that as soon as chrome starts it spawns a large number of other chromes i can see them
I tried killing them all so there was no chrome running then firing off the command that didnt work either because again i ended up with like 10 chromes running.
How do you find the debugged browser tab with blazor?
I am using Blazor webassembly, .NET Core 5.0.100-preview.7.20366.6 ; Google Chrome version 84.0.4147.105 (Official Build) (64-bit); Visual Studio 2019 preview Community edition.
You will see message like this
Unable to find debuggable browser tab
Could not get a list of browser tabs from http://127.0.0.1:9222/json. Ensure your browser is running with debugging enabled.
Resolution
If you are using Google Chrome for your development, follow these instructions:
Press Win+R and enter the following:
chrome --remote-debugging-port=9222 --user-data-dir="C:\Users\donhuvy\AppData\Local\Temp\blazor-chrome-debug" https://localhost:44376/
If you are using Microsoft Edge (80+) for your development, follow these instructions:
Press Win+R and enter the following:
msedge --remote-debugging-port=9222 --user-data-dir="C:\Users\donhuvy\AppData\Local\Temp\blazor-edge-debug" --no-first-run https://localhost:44376/
This should launch a new browser window with debugging enabled..
Let's do like the guide.
(1) Copy these text
chrome --remote-debugging-port=9222 --user-data-dir="C:\Users\donhuvy\AppData\Local\Temp\blazor-chrome-debug" https://localhost:44376/
(2) Press Windows+R, paste by Ctrl+V , then, press Enter
(3) Go to http://127.0.0.1:9222/json , you will see
this is debug information.
(4) When you press Shift+Alt+D
(FYI, this is my first Microsoft project of any type and I am not familiar with technologies like proxy servers, etc so my description of the issues may not be the greatest).
I have been working on an ASP.NET Core 3.0 (preview) React app for the past month or so without any issues. Last Friday I started updating the web api to pull data from the database for charting in the UI. This week I picked up where I left off but my project now errors on start up.
Events that occurred since it was last working... I installed and used Fiddler briefly on Friday to run some api calls but then switched over to Postman. Everything was fine and I left everything running (may have closed Fiddler, don't recall). This week I made some database changes (set a multi-column index via the Fluent API) and added more data to the database (SQL Server). I then proceeded to continue working on the web api starting with a request in Postman but it errored. I went to view the app UI but that errored as well.
After two days of googling/troubleshooting I think the most useful error given is the one below. From the error messages, I do not know where port 50158 is coming from. The app loads at https://localhost:44398/. I performed a search for "50158" on my whole computer and only found it in IIS log files. Here are the first 4 lines in each log file. The rest of each file mentions only '44398'.
Successfully registered URL "https://localhost:44398/" for site "MyAwesomeApplication" application "/"
Successfully registered URL "http://localhost:50158/" for site "MyAwesomeApplication" application "/"
Registration completed for site "MyAwesomeApplication"
Request started: "GET" https://localhost:44398/
I found some posts on SO that mention Fiddler causing similar issues to this error, however, they have not helped me resolve the problem.
Some posts on SO mention unchecking "Automatically detect settings" on the Internet Properties > Connections > LAN settings. It is indeed unchecked on my computer.
Some things I have tried:
I created a new project using all the same specifications but get the same errors.
I completely removed Fiddler.
I reverted the latest database changes.
Where is this problem coming from and what do I need to do to fix it?
Please let me know if more (and what) info would be useful. This issue is out of my current knowledgebase.
#
Error message (sorry, not sure how to format it nicely)
An unhandled exception occurred while processing the request.
SocketException: No connection could be made because the target machine actively refused it.
System.Net.Http.ConnectHelper.ConnectAsync(string host, int port, CancellationToken cancellationToken)
HttpRequestException: No connection could be made because the target machine actively refused it.
System.Net.Http.ConnectHelper.ConnectAsync(string host, int port, CancellationToken cancellationToken)
HttpRequestException: Failed to proxy the request to http://localhost:50158/, because the request to the proxy target failed. Check that the proxy target server is running and accepting requests to http://localhost:50158/.
The underlying exception message was 'No connection could be made because the target machine actively refused it.'.Check the InnerException for more details.
Microsoft.AspNetCore.SpaServices.Extensions.Proxy.SpaProxy.PerformProxyRequest(HttpContext context, HttpClient httpClient, Task baseUriTask, CancellationToken applicationStoppingToken, bool proxy404s)
Stack Query Cookies Headers Routing
SocketException: No connection could be made because the target machine actively refused it.
System.Net.Http.ConnectHelper.ConnectAsync(string host, int port, CancellationToken cancellationToken)
Show raw exception details
HttpRequestException: No connection could be made because the target machine actively refused it.
System.Net.Http.ConnectHelper.ConnectAsync(string host, int port, CancellationToken cancellationToken)
System.Threading.Tasks.ValueTask.get_Result()
System.Net.Http.HttpConnectionPool.ConnectAsync(HttpRequestMessage request, bool allowHttp2, CancellationToken cancellationToken)
System.Threading.Tasks.ValueTask.get_Result()
System.Net.Http.HttpConnectionPool.CreateHttp11ConnectionAsync(HttpRequestMessage request, CancellationToken cancellationToken)
System.Threading.Tasks.ValueTask.get_Result()
System.Net.Http.HttpConnectionPool.GetHttpConnectionAsync(HttpRequestMessage request, CancellationToken cancellationToken)
System.Threading.Tasks.ValueTask.get_Result()
System.Net.Http.HttpConnectionPool.SendWithRetryAsync(HttpRequestMessage request, bool doRequestAuth, CancellationToken cancellationToken)
System.Net.Http.HttpClient.FinishSendAsyncUnbuffered(Task sendTask, HttpRequestMessage request, CancellationTokenSource cts, bool disposeCts)
Microsoft.AspNetCore.SpaServices.Extensions.Proxy.SpaProxy.PerformProxyRequest(HttpContext context, HttpClient httpClient, Task baseUriTask, CancellationToken applicationStoppingToken, bool proxy404s)
Show raw exception details
HttpRequestException: Failed to proxy the request to http://localhost:50158/, because the request to the proxy target failed. Check that the proxy target server is running and accepting requests to http://localhost:50158/. The underlying exception message was 'No connection could be made because the target machine actively refused it.'.Check the InnerException for more details.
Microsoft.AspNetCore.SpaServices.Extensions.Proxy.SpaProxy.PerformProxyRequest(HttpContext context, HttpClient httpClient, Task baseUriTask, CancellationToken applicationStoppingToken, bool proxy404s)
Microsoft.AspNetCore.Builder.SpaProxyingExtensions+<>c__DisplayClass2_0+<b__0>d.MoveNext()
Microsoft.AspNetCore.Builder.RouterMiddleware.Invoke(HttpContext httpContext)
IdentityServer4.Hosting.IdentityServerMiddleware.Invoke(HttpContext context, IEndpointRouter router, IUserSession session, IEventService events)
IdentityServer4.Hosting.MutualTlsTokenEndpointMiddleware.Invoke(HttpContext context, IAuthenticationSchemeProvider schemes)
Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context)
IdentityServer4.Hosting.BaseUrlMiddleware.Invoke(HttpContext context)
Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context)
Microsoft.AspNetCore.Diagnostics.EntityFrameworkCore.MigrationsEndPointMiddleware.Invoke(HttpContext context)
Microsoft.AspNetCore.Diagnostics.EntityFrameworkCore.DatabaseErrorPageMiddleware.Invoke(HttpContext httpContext)
Microsoft.AspNetCore.Diagnostics.EntityFrameworkCore.DatabaseErrorPageMiddleware.Invoke(HttpContext httpContext)
Microsoft.AspNetCore.Diagnostics.DeveloperExceptionPageMiddleware.Invoke(HttpContext context)
Show raw exception details
For me it had to do with cookie size being too large for development server.
I was working on a React client app served by ASP.NET Core 3.1 with Keycloak as an OP.
Fresh React templates did also suddenly not start anymore.
Clearing cookies made my projects start again.
ref:
https://techcommunity.microsoft.com/t5/iis-support-blog/400-error-in-asp-net-core-project-because-of-8-kb-cookie-limit/bc-p/1308877#M431
I decided to try and roll all the NuGet packages to a previous version (v3.0.0-preview5-19227). My app now functions as expected. Looking at the download page for dotnet-core, it looks like v3.0.0-preview6 was released on 06/12. I started my project way before that so maybe I updated the packages and just don't recall??? Either way, time to make up for 2 days lost.
I'm using SignalR v2.0 on Windows Server 2012 with IIS8,
I enabled WebSockets on the server by the following article,
http://www.iis.net/learn/get-started/whats-new-in-iis-8/iis-80-websocket-protocol-support
But signalR first tries to work with websockets, and right after that change the transport to serverSentEvents
The negotiation response is TryWebSockets=True
The response header of connecting with websockets is
Upgrade: Websocket
X-Content-Type-Options: nosniff
Connection: Upgrade
with status code 101 (Switching Protocols)
All my solution's projects are using .NET4.5
I also saw the following message in the Event Viewer (not sure if it is relevant)
Exception information:
Exception type: InvalidOperationException
Exception message: Unrecognized user identity. The user identity cannot change during an active SignalR connection. at
Microsoft.AspNet.SignalR.PersistentConnection.GetConnectionId(HostContext
context, String connectionToken) at
Microsoft.AspNet.SignalR.PersistentConnection.ProcessRequest(HostContext
context) at
Microsoft.AspNet.SignalR.Hubs.HubDispatcher.ProcessRequest(HostContext
context) at
Microsoft.AspNet.SignalR.PersistentConnection.ProcessRequest(IDictionary`2
environment) at
Microsoft.AspNet.SignalR.Owin.Middleware.HubDispatcherMiddleware.Invoke(IOwinContext
context) at
Microsoft.Owin.Mapping.MapMiddleware.d__0.MoveNext()
--- End of stack trace from previous location where exception was thrown --- at
Microsoft.Owin.Host.SystemWeb.IntegratedPipeline.StageAsyncResult.End(IAsyncResult
ar) at
Microsoft.Owin.Host.SystemWeb.IntegratedPipeline.IntegratedPipelineContext.EndFinalWork(IAsyncResult
ar) at
System.Web.HttpApplication.AsyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
at System.Web.HttpApplication.ExecuteStep(IExecutionStep step,
Boolean& completedSynchronously)
what is wrong ?
You can't change the user's identity during an active connection. It means you're probably doing something like logging in a user without stopping the connection first.
I'm getting errors (strange ones) when I try to do GET,PUT,POST,DELETE with https to the same WebAPI controller calls that work http. Is there any special web.config magic that is needed for https with WebAPI controllers?
** ADDING ERROR:
(this is the error code I get when I hit the same GET web api controller as the one that works with http. that is, http works, https fails with this error)
{"message":"An error has occurred.","exceptionMessage":"A null value was returned where an instance of HttpResponseMessage was expected.","exceptionType":"System.InvalidOperationException","stackTrace":" at System.Web.Http.Controllers.ResponseMessageResultConverter.Convert(HttpControllerContext controllerContext, Object actionResult)\r\n at System.Web.Http.Controllers.ApiControllerActionInvoker.<>c__DisplayClass3.<InvokeActionAsync>b__1(Object value)\r\n at System.Threading.Tasks.TaskHelpersExtensions.<>c__DisplayClass3b`2.<Then>b__3a(Task`1 t)\r\n at System.Threading.Tasks.TaskHelpersExtensions.ThenImpl[TTask,TOuterResult](TTask task, Func`2 continuation, CancellationToken cancellationToken, Boolean runSynchronously)"}