Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

net::ERR_CERT_AUTHORITY_INVALID in ASP.NET Core

I am getting the net::ERR_CERT_AUTHORITY_INVALID error in ASP.NET Core when I try to request my Web API from an SPA.

The first solution to fix the issue was to go my ASP.NET Core address from browser Advanced - Proceed to localhost (unsafe) and after that the requests from my SPA would work. But I would have to repeat the procedure each time I am starting to work on my project.

enter image description here

Another solution I found was this. In a nutshell the solution is to run the command: dotnet dev-certs https --trust. I am on Windows, so according to the linked article On Windows it'll get added to the certificate store.

But after I run the command I am still getting the net::ERR_CERT_AUTHORITY_INVALID issue on requests. What could I do about it?

like image 890
some1 here Avatar asked Sep 08 '20 14:09

some1 here


People also ask

How do I disable HTTPS in .NET core?

If we want to disable HTTP for the asp.net code, we just need to remove lines 11 to 13 and the same for HTTPS, if we want to disable HTTPS, just remove lines 14 to 16 and comment out app. UseHttpsRedirection(); in Program. cs.


2 Answers

Running the command dotnet dev-certs https --trust will create a self-signed certificate in your device. This certificate will be issued to the localhost domain. In my case, after running it, the certificate was created but it was not added to "Trusted Root Certification Authorities".

certmgr.msc

To add the certificate, you will need to open certmgr.msc (win+r and run certmgr.msc), then go to "Personal" certificates and export the .cer certificate issued to localhost with the correct expiration time.

If you cannot find the certificate there, you can go to the browser and click on the not secure connection icon, then open the invalid certificate and go to the Details tab and click "Copy to File...", which should create also a .cer certificate.

browser certificate

Next, go to "Trusted Root Certification Authorities" and import the certificate there. Once that is done, the certificate will be valid in your local machine. You may need to restart the browser and the service.

like image 74
IsaacCampos Avatar answered Oct 21 '22 10:10

IsaacCampos


In your application, add a reference to the Microsoft.AspNetCore.Authentication.Certificate via NuGet package. Then in the Startup.ConfigureServices method write this:

public void ConfigureServices(IServiceCollection services)
{
    services.AddAuthentication(
        CertificateAuthenticationDefaults.AuthenticationScheme)
        .AddCertificate();

    // All other service configuration
}


Also add app.UseAuthentication(); in the Startup.Configure method. Otherwise, the HttpContext.User will not be set to ClaimsPrincipal

public void Configure(IApplicationBuilder app, IHostingEnvironment env)
{
   app.UseAuthentication();

    // All other app configuration
}

Source: https://learn.microsoft.com/en-us/aspnet/core/security/authentication/certauth?view=aspnetcore-3.1

like image 28
noobprogrammer Avatar answered Oct 21 '22 11:10

noobprogrammer