search

OfficeDev / Office-Add-in-Auth0

[ARCHIVED] The Auth0 service simplifies the process of using social login provided by online services such as Facebook, Google, and Microsoft. This sample shows how to use Auth0 in an Office add-in.
Other
19 stars 16 forks source link

Invalid Certificate #7

Closed CourtJesterBob closed 5 years ago

CourtJesterBob commented 6 years ago

Hello. Great project. I have downloaded it and followed all of your instructions, but the site will not accept the certificate. I ran the gen-cert.sh, it generated the ca.crt and the server.crt. I registered the ca.crt, and verified that it is in my certificate store. When I start the project, open IE, and browse to the site I get an certificate error. I followed your directions to add the new certificate, which I would have thought would have been the server.crt file, but the certificate is for Internet Widgits Pty Ltd.

Also, the browser has this error: The hostname in the website’s security certificate differs from the website you are trying to visit. It says it cannot prove that it is localhost since the server certificate is invalid.

Any ideas?

Rick-Kirkham commented 6 years ago

@CourtJesterBob I can reproduce. Edge and IE deal with certificates somewhat differently than they did when this sample was created. I need to update the sample and instructions. In the meantime, you can still get the sample up and running. When you get to step 3 of the Start the add-in section, you will see an error about the certificate. Choose to trust the certificate. You might get cycled through this error more than once. After it has stopped appearing, continue with step 4. After step 6, you will get an error page in the task pane saying that the site is not secure. Click More information on that page. Then click Go on to the webpage. The add-in home page will open in the task pane. Everything should work normally from there.

CourtJesterBob commented 6 years ago

Rick,

Thanks for the response. That is the problem with old code. We are looking at using your code base as a starting point for our Outlook add-in which will use Auth0, like our website does.

I don't really understand your directions. Right after I start the add-in, I have tried to install the root certificate, trust the certificate, add it to my list of trusted sites. Basically, it doesn't seem that it likes my self signed cert.

Ultimately, when we create our actual add in, we will need a real certificate. So, to try to understand what you did, your gen-cert.sh script generated a root certificate, which is the cs.cert. Then you generated a code signing cert, server.crt. And, it seems that BrowserSync uses that server.crt to sign all of the content?

Ultimately, I will need a code signing cert, which will come from some real, already trusted Root CA, so I just need to configure whatever server I host my outlook add-in (Azure) to use that code signing cert?

Or, is it only just a server cert so my localhost can do SSL? If that's the case, I can just put it up in Azure now and use my real SSL certificate. Or, if I want to dev and test locally, I just need updated instructions on creating a self signed SSL certificate? Could I just get one from https://letsencrypt.org/?

Bob

On Tue, Sep 18, 2018 at 3:49 PM Rick-Kirkham notifications@github.com wrote:

@CourtJesterBob https://github.com/CourtJesterBob I can reproduce. Edge and IE deal with certificates somewhat differently than they did when this sample was created. I need to update the sample and instructions. In the meantime, you can still get the sample up and running. When you get to step 3 of the Start the add-in section, you will see an error about the certificate. Choose to trust the certificate. You might get cycled through this error more than once. After it has stopped appearing, continue with step 4. After step 6, you will get an error page in the task pane saying that the site is not secure. Click More information on that page. Then click Go on to the webpage. The add-in home page will open in the task pane. Everything should work normally from there.

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/OfficeDev/Office-Add-in-Auth0/issues/7#issuecomment-422526848, or mute the thread https://github.com/notifications/unsubscribe-auth/AMNoFMNO-gzUKSFEve5iMVzgmRd_UR4aks5ucU5fgaJpZM4Wt1ZC .

Rick-Kirkham commented 5 years ago

We are reducing the number of samples we have due to increasing costs of maintaining them. This one did not make the cut to save, so we will be removing it soon. All open issues are being closed and will not be fixed.