Closed SirLefti closed 1 year ago
@SirLefti can you check this experience with a different browser and see if that works?
Hi @SirLefti. We have added the "Needs: Author Feedback" label to this issue, which indicates that we have an open question for you before we can take further action. This issue will be closed automatically in 7 days if we do not hear back from you by then - please feel free to re-open it if you come back to this issue after that time.
Sure. This is Safari:
Firefox:
Thanks for contacting us @SirLefti . I followed the steps to reproduce the bug and had a slightly different experience. I got the exception on the step 2
Go into that directory and run the project with dotnet watch -lp https (this uses the https launch profile, because the default one is http only)
I also tried it on windows and it works as you said. Could you please try to run the following and tell us if that works?
dotnet dev-certs https --trust
Hi @SirLefti. We have added the "Needs: Author Feedback" label to this issue, which indicates that we have an open question for you before we can take further action. This issue will be closed automatically in 7 days if we do not hear back from you by then - please feel free to re-open it if you come back to this issue after that time.
Sorry, what didn't work for you with the dotnet watch -lp https
command? What is your error message?
The certificate is successfully installed with the dotnet dev-certs https --trust
command, which is also mentioned in the first paragraph.
Edit: I am just preparing a short video where I can reproduce the error, maybe that helps.
I have made this video on a fairly new machine with latest .net7.0 sdk freshly installed. Certificate has been installed with dotnet dev-certs https --trust
.
https://youtu.be/K9Ib8Pz9S08
It shows the steps how to create a new project, run it with dotnet watch -lp https
, making a little change, restarting and showing the error, deleting the responsible file and restarting it to make it work again.
Sorry, earlier I missed the paragraph where you've mentioned that you installed the certificate. Thanks for providing a video. I followed the exact steps shown in the video and couldn't reproduce the bug. Based on this, I am closing this issue.
Interesting. I am trying to sort out if there could be a local config issue.
Hi @SirLefti did you find a fix? I'm facing the same issue.
Hey @MelSlavin. It is still an issue for me. I also asked a colleague to try to reproduce the error on his Macs (an Intel one and an Apple Silicon one) but he was unable to reproduce it on any of them. Glad to here I am not the only one anyways.
I am using a 2020 13" Mac Book Pro. What kind of Mac are you using?
@SirLefti I have the same issue. In a way, glad to see I'm not the only one. Been losing my mind over this. Please let me know if you finally resolve it (I will as well, if I manage to figure it out).
I know the last question wasn't for me, but anyways: I am using a 2021 MacBook Pro (Monterey)
@clararoman thank you for your information.
I made a test across out team and only my two Macs out of six total Macs were showing the issue.
Yesterday a colleague suggested to check the ciphers by the openssl ciphers
command.
In the output, we swapped the separator with line breaks and then sorted the lines.
Can you share yours?
I compared the results and I spotted that the ciphers AEAD-AES128-GCM-SHA256
, AEAD-AES256-GCM-SHA384
and AEAD-CHACHA20-POLY1305-SHA256
are missing in the result of non-working systems. I don't know if that could lead us to the core issue.
When opening my website in a working state and checking the Chrome Dev Tools Security tab, it shows me these details:
@SirLefti Thanks for updating! I tried it out and:
It's almost identical to the output from your "other affected system". When I compare them, the only difference is that:
DES-CBC3-SHA
and yours doesn't.ES-CBC3-SHA
and mine doesn't.(So, the same except for the D in the beginning.)
It doesn't really tell me anything, but I'll keep trying to figure it out.
I believe it is actually the same and I just made a mistake when splitting the ciphers. I updated my output above including some fancy terminal commands to do the splitting and sorting.
I am trying to collect some more outputs from working systems, but I believe the three mentioned ciphers missing on all affected are already a good guess. The question is, if we can do something about it.
I got three identical outputs from working systems. All include AEAD-AES128-GCM-SHA256
, AEAD-AES256-GCM-SHA384
and AEAD-CHACHA20-POLY1305-SHA256
.
openssl version -a
reports LibreSSL 3.3.6
on those working system.
My systems report OpenSSL 1.1.1h
(first system) and LibreSSL 2.8.3
(second system).
I am now trying to get a more recent version running like via mac ports.
Just for your information: I managed to get a 3.x version of LibreSSL via MacPorts, but still running into the same issue (mentioned ciphers seem to be still missing). As of writing this, I do not have any further ideas to track down.
Is there an existing issue for this?
Describe the bug
I am developing a Blazor Server App on MacOS using .NET 7.0, running with HTTPS enabled. I am executing it via
dotnet watch
for hotreloading in the terminal, so the IDE should not matter. The app works initially fine, but after some changes, when the watch command asks for restarting or alternatively restarting on my own, I get the error messageERR_SSL_VERSION_OR_CIPHER_MISMATCH
in Google Chrome Browser or equivalent ones in other browsers.A valid https certificate is installed via
dotnet dev-certs https --trust
.Things I tried out:
dotnet/sdk
and notdotnet/aspnetcore
? Please let me know).dotnet clean
between restarts fixes it as well, but is not really an option when thedotnet watch
command itself suggests you to restart the app.bin/Debug/net7.0
one by one between restarts to figure out which file causes the issue, the project executable file (when the project is callednewblazor
, this file is just callednewblazor
as well) was the faulty filedotnet run
insteaddotnet clean
implicitly or does not use the mentioned executable file)Expected Behavior
After restarting, the application should work without issues with the certificate.
Steps To Reproduce
I have been able to reproduce it with a fresh project template, so we can use that here.
dotnet new blazorserver -n newblazor
dotnet watch -lp https
(this uses the https launch profile, because the default one is http only)Pages/Index.razor
and make some changes, e.g. add the following at the bottom:./bin/Debug/net7.0/newblazor
Other investigations
I tried the same on windows, using only console commands, unable to reproduce the error following the same steps. As already mentioned above, the problematic file is platform-specific.
I also tried it with a fresh blazor wasm app, this works as well so far, unable to reproduce the error following the same step.
Deleting
./bin/Debug/net7.0/newblazor
fixes the problem for one time, however when being regenerated, the new file is a true duplicate of the previous deleted one. It seems to be not the file itself to be the problem, but something involved in the process to generate it..NET Version
7.0.101
Anything else?
German error message from Google Chrome Browser.