-
Notifications
You must be signed in to change notification settings - Fork 10k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
HTTPS requests fail with "The ASP.NET Core developer certificate is in an invalid state." #18236
Comments
@anurse it could be. Try adding
to see if that fixes the issue with dotnet run. |
Adding Output of
|
This is the notarization issue on OS X. This is a known issue and we are working on a fix. |
We can close this as it’s a dupe. |
I can confirm that |
Ok, closing this then. We're very well aware of issues with certificates on macOS Catalina and are working on a fix. The workaround @javiercn indicated should help resolve this issue while we fix the underlying problem. |
Works for me. It seems like the problem hasn’t been fixed in .net core 3.1.101 build though |
FYI, the solution:
Worked for me on Catalina only. It did not work on Mojave. Does anyone know why this solution works? |
Is this an issue with the dev certificate generation/installation or in the SslStream class? Because I get this same error when using an HttpClient to make an HTTPS request to a local aspnet core app or to any HTTPS URL when using the Burp proxy, which requires installing a root cert in the keychain. I'm just wondering if I need to open a bug with PortSwigger about this, or if the fix in .NET core will take care of it. |
Hi. It looks like you are posting on a closed issue! We're very likely to lose track of your bug/feedback/question unless you:
|
I have dotnet 3.1.102 installed on macOS Mojave 10.14.6. I have self signed SSL certificates installed in my Keychain. Chrome and Safari are fine with these certificates. But, when I make an HTTP request in C#, using dotnet core, to a website that uses one of those certs, I get a very similar stack trace to the one in this issue, where System.Net.Security.SslStream.StartSendAuthResetSignal ultimately throws an exception stating, "the remote certificate is invalid according to the validation procedure." I'm asking here, since the "dup" issue doesn't really explain the problem in a way that I understand. My question is: Is #17581 about dotnet core being unable to read or utilize self-signed certs that are added to the keychain? Or do I have a novel issue? |
I want to run with just HTTP not HTTPS. dotnet 3.0.1 In startup I have commented out Any tips? |
Describe the bug
Migrated an aspnet core app from .Net Core 2.2 to .Net Core 3.1 and now requests to the app fail with
Things I tried without success:
dotnet dev-certs https --clean
,dotnet dev-certs https
anddotnet dev-certs https --trust
as described in the exceptionmanually deleting the certificates from the keychain and the running
dotnet dev-certs https --trust
uninstalling all .net versions with
dotnet-core-uninstall
tool and installing only .Net Core 3.1 then repeating 1) and 2)I tried to debug the framework code and the underlying exception in
CertificateManager.CheckDeveloperCertificateKey
isIt look like this may be related to #17581
To Reproduce
dotnet new mvc dotnet run open "https://localhost:5001/"
Further technical details
dotnet --info
Happens in terminal with
dotnet run
and in VS Code as well.VS Code version:
The text was updated successfully, but these errors were encountered: