HTTPS endpoints not working in Service Fabric local cluster

Question

I am able to run a stateless service in a local service fabric cluster. However, when I add an https end point, activation fails.

I made the following changes:

ServiceManifest.xml:

<Endpoint Name="ServiceEndpoint" Type="Input" Protocol="https" Port="443" CertificateRef="my_api_cert" />

ApplicationManifest.xml:

<Policies>
  <EndpointBindingPolicy EndpointRef="ServiceEndpoint" CertificateRef="my_api_cert" />
</Policies>
<Certificates>
  <EndpointCertificate X509FindValue="[Api_SslCertHash]" Name="my_api_cert" />
</Certificates>

I have uploaded the newly created certificate to Local Machine\My store too.

I get the following error in cluster manager:

Error event: SourceId='System.Hosting', Property='Activation:1.0:1.0'. There was an error during activation.

What could be the solution for this issue?

Answer 1

As others have mentioned, this can happen when the certificate thumbprint is incorrect. However there is one specific reason for the thumbprint to be incorrect that can be so frustrating to figure out it deserves its own answer.

I'll quote TChiang phorego (Partner) from the MSDN forums (emphasis mine):

The trick is that when you copy the thumbprint from the certificate store, it comes with some hidden characters in the front (when I place the cursor at the front and press <- the cursor will not advance left), so when you paste it into the manifest, SF cannot install the service. So just make sure you remove the hidden characters and then it will be ok.