I am getting the net::ERR_CERT_AUTHORITY_INVALID
error in ASP.NET Core when I try to request my Web API from an SPA.
The first solution to fix the issue was to go my ASP.NET Core address from browser Advanced
- Proceed to localhost (unsafe)
and after that the requests from my SPA would work. But I would have to repeat the procedure each time I am starting to work on my project.
Another solution I found was this. In a nutshell the solution is to run the command: dotnet dev-certs https --trust
. I am on Windows, so according to the linked article On Windows it'll get added to the certificate store
.
But after I run the command I am still getting the net::ERR_CERT_AUTHORITY_INVALID
issue on requests. What could I do about it?
If we want to disable HTTP for the asp.net code, we just need to remove lines 11 to 13 and the same for HTTPS, if we want to disable HTTPS, just remove lines 14 to 16 and comment out app. UseHttpsRedirection(); in Program. cs.
Running the command dotnet dev-certs https --trust
will create a self-signed certificate in your device. This certificate will be issued to the localhost
domain. In my case, after running it, the certificate was created but it was not added to "Trusted Root Certification Authorities".
To add the certificate, you will need to open certmgr.msc
(win+r and run certmgr.msc
), then go to "Personal" certificates and export the .cer
certificate issued to localhost
with the correct expiration time.
If you cannot find the certificate there, you can go to the browser and click on the not secure connection icon, then open the invalid certificate and go to the Details tab and click "Copy to File...", which should create also a .cer
certificate.
Next, go to "Trusted Root Certification Authorities" and import the certificate there. Once that is done, the certificate will be valid in your local machine. You may need to restart the browser and the service.
In your application, add a reference to the Microsoft.AspNetCore.Authentication.Certificate via NuGet package. Then in the Startup.ConfigureServices method write this:
public void ConfigureServices(IServiceCollection services)
{
services.AddAuthentication(
CertificateAuthenticationDefaults.AuthenticationScheme)
.AddCertificate();
// All other service configuration
}
Also add app.UseAuthentication(); in the Startup.Configure method. Otherwise, the HttpContext.User will not be set to ClaimsPrincipal
public void Configure(IApplicationBuilder app, IHostingEnvironment env)
{
app.UseAuthentication();
// All other app configuration
}
Source: https://learn.microsoft.com/en-us/aspnet/core/security/authentication/certauth?view=aspnetcore-3.1
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With