Closed lucassousa-ciandt closed 5 months ago
Hi @lucassousa-ciandt, apologize for the delay in getting back to you. I could repro this while investigating a similar issue a few months ago. It appears to be caused by a limitation in .NET where SslStream
sends the certificate chain information only if it is available in the certificate store, and this happens for both Windows and Linux.
So similar to the additional steps for Windows, I could work this around in my WSL by installing the intermediate certificate (only this was sufficient for me) in the local trust store and make the device provisioning succeed. To do this, please follow with the steps described here.
Close due to inactivity
Context
Description of the issue
Trying to register a device with test X509 certificates using this sample code, but I'm receiving an Exception instead. I'm basing in this guide.
Steps to reproduce:
./certGen.sh create_root_and_intermediate
b. Generate the device certificate running:./certGen.sh create_device_certificate_from_intermediate device-01
dotnet run -- -s <id-scope> -c new-device-full-chain.cert.pfx -p 1234
Console log of the issue
This only happens when I try to run on WSL, if I run the same steps on base OS (Windows) it works, only with the additional step to add the root and intermediate certificates on Windows Certificate Store. Any additional step is required when running it on Linux distribution? Am I missing some detail?
The same certificates also works when used in the NodeJS sample, same steps, just running another project and using the .pem certificate instead of converting it to .pfx.