IIS log fail: Microsoft.AspNetCore.Server.Kestrel[13] JwtBearerOptions

Question

When running a published API in IIS, I get the following error:

Hosting environment: Production
Content root path: C:\inetpub\My_API
Now listening on: http://127.0.0.1:44674
Application started. Press Ctrl+C to shut down.
fail: Microsoft.AspNetCore.Server.Kestrel[13]
      Connection id "0HM9MTIMQIFTF", Request id "0HM9MTIMQIFTF:00000001": An unhandled exception was thrown by the application.
System.ArgumentNullException: String reference not set to an instance of a String.
Parameter name: s
   at System.Text.Encoding.GetBytes(String s)
   at My_API.Startup.<ConfigureServices>b__4_2(JwtBearerOptions options) in D:\repos\API\My_API\Startup.cs:line 173
   at Microsoft.Extensions.Options.ConfigureNamedOptions`1.Configure(String name, TOptions options)
   at Microsoft.Extensions.Options.OptionsFactory`1.Create(String name)
   at Microsoft.Extensions.Options.OptionsMonitor`1.<>c__DisplayClass10_0.<Get>b__0()
   at System.Lazy`1.ViaFactory(LazyThreadSafetyMode mode)
   at System.Lazy`1.ExecutionAndPublication(LazyHelper executionAndPublication, Boolean useDefaultConstructor)
   at System.Lazy`1.CreateValue()
   at Microsoft.Extensions.Options.OptionsCache`1.GetOrAdd(String name, Func`1 createOptions)
   at Microsoft.Extensions.Options.OptionsMonitor`1.Get(String name)
   at Microsoft.AspNetCore.Authentication.AuthenticationHandler`1.InitializeAsync(AuthenticationScheme scheme, HttpContext context)
   at Microsoft.AspNetCore.Authentication.AuthenticationHandlerProvider.GetHandlerAsync(HttpContext context, String authenticationScheme)
   at Microsoft.AspNetCore.Authentication.AuthenticationService.AuthenticateAsync(HttpContext context, String scheme)
   at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context)
   at Microsoft.AspNetCore.StaticFiles.StaticFileMiddleware.Invoke(HttpContext context)
   at Swashbuckle.AspNetCore.SwaggerUI.SwaggerUIMiddleware.Invoke(HttpContext httpContext)
   at Swashbuckle.AspNetCore.Swagger.SwaggerMiddleware.Invoke(HttpContext httpContext, ISwaggerProvider swaggerProvider)
   at Microsoft.AspNetCore.StaticFiles.StaticFileMiddleware.Invoke(HttpContext context)
   at Microsoft.AspNetCore.Server.IISIntegration.IISMiddleware.Invoke(HttpContext httpContext)
   at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.Http.HttpProtocol.ProcessRequests[TContext](IHttpApplication`1 application)
Application is shutting down...

In the Startup.cs file, the code for the line that generates the error is as follows:

services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme).AddJwtBearer(options => 
options.TokenValidationParameters = new TokenValidationParameters
      {
          ValidateIssuer = false,
          ValidateAudience = false,
          //ValidateLifetime = false,
          ValidateIssuerSigningKey = true,
          //ValidIssuer = "https://locahost",
          //ValidAudience = "https://localhost",
          IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(Configuration["Key_Token"])),
                ClockSkew = TimeSpan.Zero
      });

Executing the API in development mode does not give any problem, the authentication is done without problems, but when executing the API in production mode, the server responds with a status of 500.

If someone can help me see the problem.

Thanks for everything.

All the best.

Answer 1

I have found the solution to my problem. The error occurred because the key to generate the JWT token was not found from the Startup.cs. In the development environment, the key was stored within a project environment variable, in the appLaunchSettings.json file, but when passed to a production environment this key was not found within the appSettings.json file , so in the StartUp.cs it gave the error when it was not found. To fix it, I have saved the created variables in appLaunchSettings.json file in appSettings.json file and now everything works.

Thanks.