How to solve open id configuration error with identity server 4?

Question

I am trying to use Identity Server 4 for Authenticationa and authorization purpose but which ever project i try to run is throwing only 1 error which is like bugging me alot because i have search for this error and i cant find a stable and proper solution for this.

Error :

Error connecting to http://localhost:5000/.well-known/openid-configuration: An error occurred while sending the request.

Couple of projects in which i am getting same error and dont know how to solve it :

https://www.dropbox.com/s/9hs3huwt8h035ek/oauth2Demo-master.rar?dl=0

Another Project : Download but same error

In my first project it seems like there is some problem related to SSL certificate though i tried to follow below link to install certificate but still this error exist :

https://github.com/IdentityServer/IdentityServer3.Samples/tree/master/source/Certificates

But in my second project there is no such SSL certificate problem but still same error.

Is there any way to resolve that error?

Answer 1

My suggestion is to get the things done one by one.

From your screens I see that on the first you are trying to reach IDS at localhost:44305, and on the second screen, you are trying to reach it at localhost:5000. It will be a good thing to set it as a constant value ( right click on your Identity Server project ->Properties->Debug->Web Server Settings->App URL) and then use this value through all of your clients.

Then - enable Identity Server logging - check here. You can extend this example - serilog basic configurations. So far logging has saved me many times, so I can say that it is really important. Make sure that the App pool account, running the application has the rights to create files, where you want them to be created.

Now the real problem:

Lets assume that you select localhost:5000 as url for your IDS.

First of all start (debug) only the Identity Server project. This should take you to localhost:5000 and you will see a welcome message from Identity Server 4.

If you see it, this means that your IDS is working. This also means that you will be able to access the Discovery Document - the one thing that is failing in your clients. Now its about time to setup your clients.

If not, this means that there is something wrong with your Identity Server instance, and that is the place to dig.

First thing I'll do is to check the logs. They will say what the problem is.

Then - I figure out that you are trying to use custom certificate for this (correct me if I've misunderstood). Why don't you try using the Developer Signing Credential (check the ConfigureServices of Startup.cs) at least for starting it up.

Later on, if you decide to use your custom certificate, have in mind that the user, that is running the IDS application (by user I mean the application pool user) should have at least read privileges over the certificate (I guess that you've seen that in the article you have provided).

Do all these, and let's see what progress you will have, but most important - enable the logging.

Answer 2

I downloaded the solution and I can confirm you need to make sure to run the OAuth2Demo.IdentityServer project, you can actually start it up and navigate to https://localhost:44305/admin/ to see the admin environment of identityserver. It apperantly also needs a sql connection to store configuration information, I didn't dig into those details but with the OAuth2Demo.IdentityServer running the other projects can also be started.