Reputation: 149
Getting error on .Net Core app "The SSL connection could not be established, see inner exception"
I have an ASP.NET Core 7 MVC application. It uses an ASP.NET Core Web API. The application is running fine when both API and UI are running from Visual Studio 2022.
If I deploy the UI, or both UI and API, to IIS using "No Managed Code" application pool, the application throws an error
The SSL connection could not be established, see inner exception System.Security.Authentication.AuthenticationException: The remote certificate is invalid because of errors in the certificate chain: UntrustedRoot at System.Net.Security.SslStream.CompleteHandshake(SslAuthenticationOptions sslAuthenticationOptions) at System.Net.Security.SslStream.ForceAuthenticationAsync[TIOAdapter](Boolean receiveFirst, Byte[] reAuthenticationData, CancellationToken cancellationToken) at System.Net.Http.ConnectHelper.EstablishSslConnectionAsync(SslClientAuthenticationOptions sslOptions, HttpRequestMessage request, Boolean async, Stream stream, CancellationToken cancellationToken)
Can anyone assist me in resolving this?
Upvotes: 1
Views: 29070
Answers (2)
Reputation: 149
Somehow deploying inside Default Web Site on IIS wasn't working. I created a new self signed certificate, deployed both API and UI on the root as a new website with different port for both apps. Enabled https with the newly created self signed certificate on both the applications and it worked.
Upvotes: 0
Reputation: 2375
The above error message indicates a problem with SSL certificate validation, the SSL certificate used by your application was not recognized as valid because it was signed by an untrusted certificate authority (CA).
If you are using a self-signed certificate and experiencing SSL verification issues on your local computer, it may be because the certificate is not trusted by default. To resolve this issue, you need to manually add the self-signed certificate to the Trusted Root Certification Authorities store on the local computer. You can try the following steps:
- Open the Run dialog (Win + R), type mmc, and press Enter.
- In the MMC window, go to File > Add/Remove Snap-in...
- Select Certificates from the list of available snap-ins, and click Add.
- Select Computer Account, and click Next.
- Select Local Computer and click Finish, then click OK to close the Add/Remove Snap-in window.
- Navigate to Certificates (Local Computer) > Trusted Root Certification Authorities > Certificates.
- Right-click in the right pane, select All Tasks, and click Import.
- Export the self-signed certificate in advance, and then follow the wizard to import the self-signed certificate.
Reference link: Adding the self-signed certificate as trusted
Upvotes: 0
Related Questions
- I get Error when I call get API with certificate
- Getting Win32Exception: The message received was unexpected or badly formatted Error When consume Informatica API in .net core blazor application
- How to connect ASP.NET Core 6 MVC web application with KeyCloak
- .netcore web application failing with 'buffer supplied to a function was too small' error
- asp.net core 5, Error : The SSL connection could not be established