stackoom
  简体   繁体   中英

Dotnet to Dotnet call on Ubuntu failing with SSL connection error

 原文  2022-08-26 01:23:44       c#/ .net/ ubuntu/ ssl

Question

I have two projects that I'm running with dotnet 6 on Ubuntu, one is the UI and the other is the API, when the UI makes a call to the API, it returns an exception that is

Exception has occurred: CLR/System.Net.Http.HttpRequestException
Exception thrown: 'System.Net.Http.HttpRequestException' in System.Private.CoreLib.dll: 'The SSL connection could not be established, see inner exception.'
 Inner exceptions found, see $exception in variables window for more details.
 Innermost exception     System.Security.Authentication.AuthenticationException : The remote certificate is invalid because of errors in the certificate chain: UntrustedRoot

When I run dotnet dev-certs https --check it returns

A valid certificate was found: A09013A82738B7690B99C4CDECEA868CBA73CB4D - CN=localhost - Valid from 2022-08-25 20:00:24Z to 2023-08-25 20:00:24Z - IsHttpsDevelopmentCertificate: true - IsExportable: true

I used the respective script for Ubuntu from this repository and the UI and API both show as https in the browser afterwards. As a means of bypassing the check for ssl, I placed this in the Program.cs for both the UI and API

public class CustomHttpMessageHandlerBuilder : HttpMessageHandlerBuilder
{
    public override string Name { get; set; }
    public override HttpMessageHandler PrimaryHandler { get; set; }
    public override IList<DelegatingHandler> AdditionalHandlers => new List<DelegatingHandler>();
    // Our custom builder doesn't care about any of the above.
    public override HttpMessageHandler Build()
    {
        return new HttpClientHandler
        {
            // Our custom settings
            

            ServerCertificateCustomValidationCallback = delegate {return true;}
        };
    }
}

and above it

builder.Services.AddTransient<HttpMessageHandlerBuilder, CustomHttpMessageHandlerBuilder>();

I also tried the option

ServerCertificateCustomValidationCallback = HttpClientHandler.DangerousAcceptAnyServerCertificateValidator

But none of it has any effect, I'd rather not mess with the code too much but if it's a matter of a few lines in the Program.cs that would be a viable alternative but preferably I'd like to figure out why my UI and API projects cannot communicate properly.

1 answers

solution1
 0  2022-09-10 22:31:20

Had similar error.
Environment: Ubuntu 22.04, dotnet 6.
In my case, I created and trusted cert as indicated in microsoft docs:

  • Created developer certificate via dotnet dev-certs...
  • Trusted cert as indicated here
  • When client tried to communicate with api via httpclient (from factory), would get "...UntrustedRoot..." exception
  • Workaround: Added this to the http client factory configuration, in Program.cs , client app only:
...
.ConfigurePrimaryHttpMessageHandler(serviceProvider => new HttpClientHandler()  
{  
    ServerCertificateCustomValidationCallback = HttpClientHandler.DangerousAcceptAnyServerCertificateValidator  
})
...

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question TypeInitializationException / SSL library issue with dotnet core and Ubuntu The SSL connection could not be established in dotNet Core Dotnet 5 on mac with IS4 returns SSL connection could not be established ssl handshake error when running dotnet ef database update command dotnet SDK not installing in Ubuntu 22.04 Client Certificates in Dotnet Core on Ubuntu Run dotnet application on Ubuntu 20.04 dotnet nuke error How to make a direct connection in DotNet? DOTNET SPA - Connection String is wrong
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM