Closed georgiyordanov closed 4 years ago
It look like this may be related to #17581
It shouldn't be, that's only need for macOS Catalina (10.15).
@javiercn do you know what might be going on here?
@anurse it could be.
Try adding
<PropertyGroup>
<UseAppHost>false</UseAppHost>
</PropertyGroup>
to see if that fixes the issue with dotnet run.
Adding <UseAppHost>false</UseAppHost>
fixed it for me (following the same steps as the OP to reproduce the issue, with new certificates).
Output of dotnet --info
:
.NET Core SDK (reflecting any global.json):
Version: 3.1.100
Commit: cd82f021f4
Runtime Environment:
OS Name: Mac OS X
OS Version: 10.15
OS Platform: Darwin
RID: osx.10.15-x64
Base Path: /usr/local/share/dotnet/sdk/3.1.100/
Host (useful for support):
Version: 3.1.0
Commit: 65f04fb6db
.NET Core SDKs installed:
3.1.100 [/usr/local/share/dotnet/sdk]
.NET Core runtimes installed:
Microsoft.AspNetCore.App 3.1.0 [/usr/local/share/dotnet/shared/Microsoft.AspNetCore.App]
Microsoft.NETCore.App 2.1.14 [/usr/local/share/dotnet/shared/Microsoft.NETCore.App]
Microsoft.NETCore.App 2.2.8 [/usr/local/share/dotnet/shared/Microsoft.NETCore.App]
Microsoft.NETCore.App 3.0.1 [/usr/local/share/dotnet/shared/Microsoft.NETCore.App]
Microsoft.NETCore.App 3.1.0 [/usr/local/share/dotnet/shared/Microsoft.NETCore.App]
To install additional .NET Core runtimes or SDKs:
https://aka.ms/dotnet-download
This is the notarization issue on OS X. This is a known issue and we are working on a fix.
We can close this as it’s a dupe.
I can confirm that <UseAppHost>false</UseAppHost>
fixed the issue for me as well. Thanks!
Ok, closing this then. We're very well aware of issues with certificates on macOS Catalina and are working on a fix. The workaround @javiercn indicated should help resolve this issue while we fix the underlying problem.
@anurse it could be.
Try adding
<PropertyGroup> <UseAppHost>false</UseAppHost> </PropertyGroup>
to see if that fixes the issue with dotnet run.
Works for me. It seems like the problem hasn’t been fixed in .net core 3.1.101 build though
FYI, the solution:
<PropertyGroup>
<UseAppHost>false</UseAppHost>
</PropertyGroup>
Worked for me on Catalina only. It did not work on Mojave.
Does anyone know why this solution works?
Is this an issue with the dev certificate generation/installation or in the SslStream class? Because I get this same error when using an HttpClient to make an HTTPS request to a local aspnet core app or to any HTTPS URL when using the Burp proxy, which requires installing a root cert in the keychain.
I'm just wondering if I need to open a bug with PortSwigger about this, or if the fix in .NET core will take care of it.
Hi.
It looks like you are posting on a closed issue!
We're very likely to lose track of your bug/feedback/question unless you:
@javiercn:
I have dotnet 3.1.102 installed on macOS Mojave 10.14.6.
I have self signed SSL certificates installed in my Keychain. Chrome and Safari are fine with these certificates. But, when I make an HTTP request in C#, using dotnet core, to a website that uses one of those certs, I get a very similar stack trace to the one in this issue, where System.Net.Security.SslStream.StartSendAuthResetSignal ultimately throws an exception stating, "the remote certificate is invalid according to the validation procedure."
I'm asking here, since the "dup" issue doesn't really explain the problem in a way that I understand.
My question is: Is #17581 about dotnet core being unable to read or utilize self-signed certs that are added to the keychain? Or do I have a novel issue?
I want to run with just HTTP not HTTPS. I added the property group and it still fails with an error. I'm running 10.13.6 (High Sierra)
dotnet 3.0.1
In startup I have commented out app.UseHttpsRedirection();
.
I added the property group in my project <UseAppHost>false</UseAppHost>
.
Any tips?
Describe the bug
Migrated an aspnet core app from .Net Core 2.2 to .Net Core 3.1 and now requests to the app fail with
Things I tried without success:
1)
dotnet dev-certs https --clean
,dotnet dev-certs https
anddotnet dev-certs https --trust
as described in the exception2) manually deleting the certificates from the keychain and the running
dotnet dev-certs https --trust
3) uninstalling all .net versions with
dotnet-core-uninstall
tool and installing only .Net Core 3.1 then repeating 1) and 2)I tried to debug the framework code and the underlying exception in
CertificateManager.CheckDeveloperCertificateKey
isIt look like this may be related to https://github.com/dotnet/aspnetcore/pull/17581
To Reproduce
Further technical details
dotnet --info
Runtime Environment: OS Name: Mac OS X OS Version: 10.13 OS Platform: Darwin RID: osx.10.13-x64 Base Path: /usr/local/share/dotnet/sdk/3.1.100/
Host (useful for support): Version: 3.1.0 Commit: 65f04fb6db
.NET Core SDKs installed: 3.1.100 [/usr/local/share/dotnet/sdk]
.NET Core runtimes installed: Microsoft.AspNetCore.App 3.1.0 [/usr/local/share/dotnet/shared/Microsoft.AspNetCore.App] Microsoft.NETCore.App 3.1.0 [/usr/local/share/dotnet/shared/Microsoft.NETCore.App]
To install additional .NET Core runtimes or SDKs: https://aka.ms/dotnet-download
Version: 1.41.1 Commit: 26076a4de974ead31f97692a0d32f90d735645c0 Date: 2019-12-18T14:57:51.166Z Electron: 6.1.5 Chrome: 76.0.3809.146 Node.js: 12.4.0 V8: 7.6.303.31-electron.0 OS: Darwin x64 17.7.0