search

microsoft / AL

Home of the Dynamics 365 Business Central AL Language extension for Visual Studio Code. Used to track issues regarding the latest version of the AL compiler and developer tools available in the Visual Studio Code Marketplace or as part of the AL Developer Preview builds for Dynamics 365 Business Central.
MIT License
728 stars 241 forks source link

Error: The SSL connection could not be established, see inner exception. The remote certificate is invalid because of errors in the certificate chain: RevocationStatusUnknown, OfflineRevocation #7618

Closed ZjTham closed 8 months ago

ZjTham commented 8 months ago

Please include the following with each issue:

1. Describe the bug For BC on-premise, after enabled SSL, when publish extension (F5) VS Code throws error "Error: The SSL connection could not be established, see inner exception. The remote certificate is invalid because of errors in the certificate chain: RevocationStatusUnknown, OfflineRevocation". This issue also occur in Sandbox environment (SaaS).

2. To Reproduce Steps to reproduce the behavior: Publish extension (F5) in VS Code targeting either BC on-premise or Sandbox environment.

  1. Go to '...'
AL code snippet that demonstrates the issue or a link to a code repository the developers can easily pull down to recreate the issue locally.

Note: Because the developers need to copy and paste the code snippet, including a code snippet as a media file (i.e. .gif) is not sufficient.

3. Expected behavior A clear and concise description of what you expected to happen. Should be able to publish extension (F5) in VS Code targeting BC on-premise with SSL enabled and Sandbox environments.

4. Actual behavior A clear and concise description of what happened accompanied by images, animations, or a link to a video showing the issue occurring BC on-premise: image

BC Sandbox: image

5. Versions:

Final Checklist

Please remember to do the following:

ZjTham commented 8 months ago

kindly assist, this issue have been around for long time already for BC on-premise with SSL enabled. Recently, the Sandbox environment got affected as well. Thank you.

SBalslev commented 8 months ago

Certificate validation is done on the client side. You can see the different error scenarios here: https://learn.microsoft.com/en-us/dotnet/api/system.security.cryptography.x509certificates.x509chainstatusflags

If your network configuration does not allow connection to the revocation endpoint you will need to make sure it is verifiable offline or open for it.

Currently, we do not support skipping certificate validation. If needed then I recommend adding an idea on aka.ms/bcideas