CertificateUnknown error when connecting to Heroku Postgres database

Question

So I am in the middle of migrating from SQL Server to PostgreSQL, and I am building a temporary solution for the migration period to allow my ASP.NET app to connect to my Heroku Postgres database and make use of Entity Framework etc.

So far I have managed to connect to the database from pgAdmin III for windows with no problems, but when connecting from ASP.NET app, I get this error:

CertificateUnknown: Server certificate was not accepted. Chain status: A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider. . The specified hostname was not present in the certificate.

I am still fairly new to heroku, but it does not make sense why I can connect from pgAdmin with the same settings as my ASP.NET app but it doesn't work in the app itself.

Full stack trace:

[ClientAlertException: CertificateUnknown: Server certificate was not accepted. Chain status: A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider. . The specified hostname was not present in the certificate.]
TlsClientStream.TlsClientStream.SendAlertFatal(AlertDescription description, String message) +44
TlsClientStream.TlsClientStream.ParseCertificateMessage(Byte[] buf, Int32& pos) +1359
TlsClientStream.TlsClientStream.TraverseHandshakeMessages() +415
TlsClientStream.TlsClientStream.GetInitialHandshakeMessages(Boolean allowApplicationData) +336
TlsClientStream.TlsClientStream.PerformInitialHandshake(String hostName, X509CertificateCollection clientCertificates, RemoteCertificateValidationCallback remoteCertificateValidationCallback, Boolean checkCertificateRevocation) +198

[IOException: TlsClientStream.ClientAlertException: CertificateUnknown: Server certificate was not accepted. Chain status: A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider. . The specified hostname was not present in the certificate. at TlsClientStream.TlsClientStream.SendAlertFatal(AlertDescription description, String message) at TlsClientStream.TlsClientStream.ParseCertificateMessage(Byte[] buf, Int32& pos) at TlsClientStream.TlsClientStream.TraverseHandshakeMessages() at TlsClientStream.TlsClientStream.GetInitialHandshakeMessages(Boolean allowApplicationData) at TlsClientStream.TlsClientStream.PerformInitialHandshake(String hostName, X509CertificateCollection clientCertificates, RemoteCertificateValidationCallback remoteCertificateValidationCallback, Boolean checkCertificateRevocation)]
TlsClientStream.TlsClientStream.PerformInitialHandshake(String hostName, X509CertificateCollection clientCertificates, RemoteCertificateValidationCallback remoteCertificateValidationCallback, Boolean checkCertificateRevocation) +289
Npgsql.NpgsqlConnector.RawOpen(NpgsqlTimeout timeout) +1372
Npgsql.NpgsqlConnector.Open(NpgsqlTimeout timeout) +314
Npgsql.NpgsqlConnection.OpenInternal() +461
Npgsql.NpgsqlConnection.Open() +4
Npgsql.NpgsqlServices.UsingPostgresDBConnection(NpgsqlConnection connection, Action`1 action) +162
Npgsql.NpgsqlServices.GetDbProviderManifestToken(DbConnection connection) +99
System.Data.Entity.Core.Common.DbProviderServices.GetProviderManifestToken(DbConnection connection) +87

[ProviderIncompatibleException: The provider did not return a ProviderManifestToken string.]
System.Data.Entity.Core.Common.DbProviderServices.GetProviderManifestToken(DbConnection connection) +271
System.Data.Entity.Utilities.DbProviderServicesExtensions.GetProviderManifestTokenChecked(DbProviderServices providerServices, DbConnection connection) +27

[ProviderIncompatibleException: An error occurred accessing the database. This usually means that the connection to the database failed. Check that the connection string is correct and that the appropriate DbContext constructor is being used to specify it or find it in the application's config file. See http://go.microsoft.com/fwlink/?LinkId=386386 for information on DbContext and connections. See the inner exception for details of the failure.]
System.Data.Entity.Utilities.DbProviderServicesExtensions.GetProviderManifestTokenChecked(DbProviderServices providerServices, DbConnection connection) +89
System.Data.Entity.Infrastructure.<>c__DisplayClass1.b__0(Tuple3 k) +31
System.Collections.Concurrent.ConcurrentDictionary2.GetOrAdd(TKey key, Func2 valueFactory) +62
System.Data.Entity.Infrastructure.DefaultManifestTokenResolver.ResolveManifestToken(DbConnection connection) +251
System.Data.Entity.Utilities.DbConnectionExtensions.GetProviderInfo(DbConnection connection, DbProviderManifest& providerManifest) +56
System.Data.Entity.DbModelBuilder.Build(DbConnection providerConnection) +43
System.Data.Entity.Internal.LazyInternalContext.CreateModel(LazyInternalContext internalContext) +62
System.Data.Entity.Internal.RetryLazy2.GetValue(TInput input) +123
System.Data.Entity.Internal.LazyInternalContext.InitializeContext() +627 System.Data.Entity.Internal.InternalContext.GetEntitySetAndBaseTypeForType(Type entityType) +18
System.Data.Entity.Internal.Linq.InternalSet1.Initialize() +53
System.Data.Entity.Internal.Linq.InternalSet1.get_InternalContext() +15 System.Data.Entity.Infrastructure.DbQuery1.System.Linq.IQueryable.get_Provider() +38 System.Linq.Queryable.Where(IQueryable1 source, Expression1 predicate) +83
Saleboat.Logic.MeetingLogic.CheckMeetingFilter.OnActionExecuting(ActionExecutingContext filterContext) in C:\Users\Michael\Documents\Visual Studio 2013\Projects\Saleboat\project-saleboat\Saleboat\Logic\MeetingLogic\CheckMeetingFilter.cs:22 System.Web.Mvc.Async.AsyncInvocationWithFilters.InvokeActionMethodFilterAsynchronouslyRecursive(Int32 filterIndex) +176
System.Web.Mvc.Async.AsyncInvocationWithFilters.InvokeActionMethodFilterAsynchronouslyRecursive(Int32 filterIndex) +644
System.Web.Mvc.Async.<>c__DisplayClass33.<BeginInvokeActionMethodWithFilters>b__31(AsyncCallback asyncCallback, Object asyncState) +58
System.Web.Mvc.Async.WrappedAsyncResult1.CallBeginDelegate(AsyncCallback callback, Object callbackState) +14
System.Web.Mvc.Async.WrappedAsyncResultBase1.Begin(AsyncCallback callback, Object state, Int32 timeout) +128
System.Web.Mvc.Async.AsyncControllerActionInvoker.BeginInvokeActionMethodWithFilters(ControllerContext controllerContext, IList1 filters, ActionDescriptor actionDescriptor, IDictionary2 parameters, AsyncCallback callback, Object state) +197
System.Web.Mvc.Async.<>c__DisplayClass21.<BeginInvokeAction>b__19(AsyncCallback asyncCallback, Object asyncState) +743
System.Web.Mvc.Async.WrappedAsyncResult1.CallBeginDelegate(AsyncCallback callback, Object callbackState) +14
System.Web.Mvc.Async.WrappedAsyncResultBase1.Begin(AsyncCallback callback, Object state, Int32 timeout) +128
System.Web.Mvc.Async.AsyncControllerActionInvoker.BeginInvokeAction(ControllerContext controllerContext, String actionName, AsyncCallback callback, Object state) +343
System.Web.Mvc.Controller.<BeginExecuteCore>b__1c(AsyncCallback asyncCallback, Object asyncState, ExecuteCoreState innerState) +25
System.Web.Mvc.Async.WrappedAsyncVoid1.CallBeginDelegate(AsyncCallback callback, Object callbackState) +30
System.Web.Mvc.Async.WrappedAsyncResultBase1.Begin(AsyncCallback callback, Object state, Int32 timeout) +128
System.Web.Mvc.Controller.BeginExecuteCore(AsyncCallback callback, Object state) +465
System.Web.Mvc.Controller.<BeginExecute>b__14(AsyncCallback asyncCallback, Object callbackState, Controller controller) +18
System.Web.Mvc.Async.WrappedAsyncVoid1.CallBeginDelegate(AsyncCallback callback, Object callbackState) +20
System.Web.Mvc.Async.WrappedAsyncResultBase1.Begin(AsyncCallback callback, Object state, Int32 timeout) +128
System.Web.Mvc.Controller.BeginExecute(RequestContext requestContext, AsyncCallback callback, Object state) +374
System.Web.Mvc.Controller.System.Web.Mvc.Async.IAsyncController.BeginExecute(RequestContext requestContext, AsyncCallback callback, Object state) +16
System.Web.Mvc.MvcHandler.<BeginProcessRequest>b__4(AsyncCallback asyncCallback, Object asyncState, ProcessRequestState innerState) +52 System.Web.Mvc.Async.WrappedAsyncVoid1.CallBeginDelegate(AsyncCallback callback, Object callbackState) +30
System.Web.Mvc.Async.WrappedAsyncResultBase`1.Begin(AsyncCallback callback, Object state, Int32 timeout) +128
System.Web.Mvc.MvcHandler.BeginProcessRequest(HttpContextBase httpContext, AsyncCallback callback, Object state) +384
System.Web.Mvc.MvcHandler.BeginProcessRequest(HttpContext httpContext, AsyncCallback callback, Object state) +48
System.Web.Mvc.MvcHandler.System.Web.IHttpAsyncHandler.BeginProcessRequest(HttpContext context, AsyncCallback cb, Object extraData) +16
System.Web.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +103 System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +155

Answer 1

With Npgsql 3.1.5 try to use "Trust Server Certificate=true" in connection string. Example connection string:

Server=[servername];Port=[port];User Id=[username];Password=[password];Database=[databasename];sslmode=Require;Trust Server Certificate=true