patrick

Reputation: 16959

Eventstore connection issue with win64 install

I can only append a stream if I run in insecure mode, i.e. --insecure

In insecure mode this connection string works:

var connectionstring = "esdb+discover://127.0.0.1:2113?tls=false";

I would like to run in normal mode and append a stream, but the append times out. I tried adding my user/pass in there like this ...

var connectionString = "esdb://admin:[email protected]:2113?tls=false";

But it just fails with "connection closed"

This is my full code:

var connectionstring = "esdb+discover://127.0.0.1:2113?tls=false";

var settings = EventStoreClientSettings.Create(connectionstring);
var client = new EventStoreClient(settings);

var evt = new TestEvent {
    EntityId = Guid.NewGuid().ToString("N"),
    ImportantData = "I wrote my first event!"
};

var eventData = new EventStore.Client.EventData(
    Uuid.NewUuid(),
    "TestEvent",
    Encoding.UTF8.GetBytes(JsonConvert.SerializeObject(evt))
);

client.AppendToStreamAsync(
    "some-stream2",
    StreamState.Any,
    new[] { eventData },
    cancellationToken: new CancellationTokenSource().Token
).Wait();

I ran it without tls like this:

var connectionstring = "esdb+discover://127.0.0.1:2113";

but

Failed to discover candidate in 10 attempts.

Then I try with admin/pass

        var connectionstring = "esdb://admin:[email protected]:2113";

Status(StatusCode="Internal", Detail="Error starting gRPC call. HttpRequestException: The SSL connection could not be established, see inner exception. AuthenticationException: The remote certificate is invalid according to the validation procedure: RemoteCertificateNameMismatch", DebugException="System.Net.Http.HttpRequestException: The SSL connection could not be established, see inner exception. ---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure: RemoteCertificateNameMismatch

Ok, now I'm following this tutorial https://developers.eventstore.com/server/v5/security.html#setting-up-ssl-on-windows

But I don't have an eventstore.conf file, because I am running from the .zip file which I unzipped, which has no such file. I also tried installing from Chocolatey: also no such file. Man, these docs are misery.

Ok so I copied somebody else's yaml file, and changed the thumbprint

CertificateStoreLocation: CurrentUser
CertificateStoreName: My
CertificateThumbPrint: 526ECD33A9A391D655592BDC7A9A028122954EB6
CertificateSubjectName: eventstore.org
CertificateReservedNodeCommonName: eventstore.org
TrustedRootCertificatesPath: C:\ESDB\certs\ca

But TrustedRootCertificatesPath fails. The path of the imported cert from the certmgr step is in the Windows Registry, so what does the TrustedRootCertificatesPath want?

Upvotes: 0

Views: 240

Answers (1)

ylorph

Reputation: 171

Try without the tls=false part of the connection strings.

I guess when you say

I can only append a stream if I run in insecure mode.

you mean you ran the db with --insecure? This disables TLS & any security feature.

If you start with --dev, the database will create a certificate locally; TLS will be enabled, and security as well.

In a production scenario we do strongly advise using TLS & security.

Upvotes: 1
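
The mode matching described in the answer above, as an added example that is not part of the original post or of the EventStoreDB client: a pre-flight check that compares an esdb connection string with the mode the node was started in. `ServerMode` and `EsdbConnectionCheck` are hypothetical names, the password is a placeholder, and the check assumes the client defaults of TLS on and certificate verification on (`tlsVerifyCert`).

```csharp
using System;
using System.Collections.Generic;
using System.Web;

// Hypothetical helper (added example): flags client/server TLS mismatches.
public enum ServerMode { Insecure, Secure }   // --insecure vs. --dev or a configured certificate

public static class EsdbConnectionCheck
{
    public static List<string> Check(string connectionString, ServerMode mode)
    {
        var findings = new List<string>();
        var uri = new Uri(connectionString);
        if (uri.Scheme != "esdb" && uri.Scheme != "esdb+discover")
            throw new ArgumentException("not an esdb connection string");

        var query = HttpUtility.ParseQueryString(uri.Query);
        // Assumption: an absent parameter means the default, which is "true" for both.
        bool tls = !string.Equals(query["tls"], "false", StringComparison.OrdinalIgnoreCase);
        bool verify = !string.Equals(query["tlsVerifyCert"], "false", StringComparison.OrdinalIgnoreCase);
        bool hasCredentials = !string.IsNullOrEmpty(uri.UserInfo);

        if (mode == ServerMode.Secure && !tls)
            findings.Add("tls=false against a TLS-enabled node: remove tls=false");
        if (mode == ServerMode.Insecure && tls)
            findings.Add("node runs with --insecure but the client will attempt TLS: add tls=false (local testing only)");
        if (!tls && hasCredentials)
            findings.Add("credentials present with tls=false: nothing protects them on the wire; drop them or enable TLS");
        if (tls && !verify)
            findings.Add("tlsVerifyCert=false turns off server certificate validation");
        return findings;
    }

    public static void Main()
    {
        // Constructed sample inputs modelled on the strings in the question.
        var samples = new (string Conn, ServerMode Mode)[]
        {
            ("esdb+discover://127.0.0.1:2113?tls=false", ServerMode.Secure),
            ("esdb://admin:PLACEHOLDER@127.0.0.1:2113?tls=false", ServerMode.Secure),
            ("esdb+discover://127.0.0.1:2113", ServerMode.Insecure),
        };
        foreach (var (conn, mode) in samples)
        {
            // Print only scheme, host and port so the password never reaches the console.
            Console.WriteLine($"{new Uri(conn).GetLeftPart(UriPartial.Authority).Replace(new Uri(conn).UserInfo + "@", "")} [{mode}]");
            foreach (var finding in Check(conn, mode)) Console.WriteLine("  - " + finding);
        }
    }
}
```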
