https not working - The SSL Connection could not be established, see inner exception

[johnmchale]

whilst reading the following book: https://www.packtpub.com/product/asp-net-core-5-and-react-second-edition/9781800206168 they recommend using WebSurge for load testing, however, I'm getting the following error whilst running using https. "The SSL connection could not be established, see inner exception." Everything works fine in Postman / Chrome, but not in WebSurge - any ideas for what to do? I'm guessing WebSurge is complaining about the Visual Studio self-signed SSL certificate, but I don't know how to fix it? I know I can run it with http and the associated port, but it would be nice to get it working with https. Having checked the WebSurge documentation, I thought that ticking the SETTINGS "Ignore Certificate Errors" checkbox may help, but it didn't. Any help greatly appreciated.

[RickStrahl]

John what kind of a certificate are you running?

I'm running against many .NET Core applications locally using the stock ASP.NET Core SDK installed certificate and am not seeing any problems.

If that's what you're doing can you perhaps regenerate the certificate?

dotnet dev-certs https --clean
dotnet dev-certs https --trust

This should re-register the dev certificate to the latest cert appropriate for the currently installed .NET SDK.

If that's not it, and you're doing something with a custom installed certificate, make sure the certificate is installed in the machine cert store so it can be accessed by the client application.

[johnmchale]

Hello Rick, I'm using the IIS self-signed certificate from Visual Studio 2019 as shown below.

[johnmchale]

I just tried running the application using the Kestrel server rather than IIS - same issue (as shown below)

[johnmchale]

I also did the following and still no joy

dotnet dev-certs https --clean dotnet dev-certs https --trust

[RickStrahl]

Hmmm... I'm not sure what the problem could be to be honest. If it fails both with IIS Express and Kestrel, then the problem likely isn't the certificate since different certs are used for those. It seems there's a problem with the connection being established.

Just to be sure I verified that it works with IIS Express for me as well as with Kestrel:

Could it be firewall or AV blocking? Maybe add WebSurge to your AV exclusions and the firewall? Does the plain HTTP connection work? With Kestrel you can use the alternate port (usually :5000).

I can't duplicate and this certainly seems like the SSL connection simply cannot be made. WebSurge is using the stock .NET 6.0 HTTP/SSL stack which should support just about anything, so there must be something in the connection protocol stack that is different. I suspect AV interfering.

[RickStrahl]

So I took a closer look at the logic that deals with IgnoreCertificateErrors and there were a couple of issues that made that particular functionality not work. I'm not sure if this will fix it but give it a try by downloading 2.0.0.34 or later.

To do this:

• Make sure you set your Session Settings to Ignore Certificate Errors
• Click on the Reset HttpClient button on the toolbar to apply HTTP client settings
• Run your request

See if that does any better.

I think this may still not work given the nature of the error we're seeing that appears to occur once the SSL stream is actually trying to connect/read data, but it's worth a try.

[johnmchale]

Hello Rick

Good News!

Firstly, it wasn't a firewall or Anti-Virus issue. I temporarily turned them off and still no luck.

I downloaded the latest version of WebSurge (2.0.0.35) as you suggested, and it worked. I tested it with firewall and Anti-Virus setting of active and inactive - both worked 👍

For info, this is an ASP.NET Core Web API (.NET 5.0) application that is running in Visual Studio 2019.

[johnmchale]

sorry, I forgot to post results - see below