skoruba / IdentityServer4.Admin

The administration for the IdentityServer4 and Asp.Net Core Identity
MIT License
3.57k stars 1.15k forks

Unable to retrieve document from: 'http://xx/.well-known/openid-configuration' #947

Open Olek-HZQ opened 2 years ago

Olek-HZQ commented 2 years ago

I downloaded the project and deployed Skoruba.IdentityServer4.Admin and Skoruba.IdentityServer4.STS.Identity on a Linux (CentOS 7) system (virtual machine). Skoruba.IdentityServer4.STS.Identity (local domain: authdemo.local-ids4.com) is OK.

admin docker image tags (public): registry.cn-shenzhen.aliyuncs.com/olek/skoruba_identity_server4_admin:dev
sts docker image tags (public): registry.cn-shenzhen.aliyuncs.com/olek/skoruba_ientity_server4_sts_identity:dev

docker run commands:
docker run -d --name auth-ids4 --network ids4test -p 7002:80 registry.cn-shenzhen.aliyuncs.com/olek/skoruba_ientity_server4_sts_identity:dev
docker run -d --name admin-ids4 --network ids4test -p 7003:80 registry.cn-shenzhen.aliyuncs.com/olek/skoruba_identity_server4_admin:dev

nginx config: admin: image sts: image

But Skoruba.IdentityServer4.Admin (local domain: admin.ids4.com) has a problem, and here's the error message:

Exception at route /Configuration/Clients,
System.InvalidOperationException: IDX20803: Unable to obtain configuration from: 'http://authdemo.local-ids4.com/.well-known/openid-configuration'.,
---> System.IO.IOException: IDX20804: Unable to retrieve document from: 'http://authdemo.local-ids4.com/.well-known/openid-configuration'.,
---> System.Net.Http.HttpRequestException: Name or service not known (authdemo.local-ids4.com:80),
---> System.Net.Sockets.SocketException (0xFFFDFFFF): Name or service not known,
at System.Net.Sockets.Socket.AwaitableSocketAsyncEventArgs.ThrowException(SocketError error, CancellationToken cancellationToken),
at System.Net.Sockets.Socket.AwaitableSocketAsyncEventArgs.System.Threading.Tasks.Sources.IValueTaskSource.GetResult(Int16 token),
at System.Net.Sockets.Socket.g__WaitForConnectWithCancellation|283_0(AwaitableSocketAsyncEventArgs saea, ValueTask connectTask, CancellationToken cancellationToken),
at System.Net.Http.HttpConnectionPool.DefaultConnectAsync(SocketsHttpConnectionContext context, CancellationToken cancellationToken),
at System.Net.Http.ConnectHelper.ConnectAsync(Func3 callback, DnsEndPoint endPoint, HttpRequestMessage requestMessage, CancellationToken cancellationToken),
--- End of inner exception stack trace ---,
at System.Net.Http.ConnectHelper.ConnectAsync(Func3 callback, DnsEndPoint endPoint, HttpRequestMessage requestMessage, CancellationToken cancellationToken),
at System.Net.Http.HttpConnectionPool.ConnectAsync(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken),
at System.Net.Http.HttpConnectionPool.CreateHttp11ConnectionAsync(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken),
at System.Net.Http.HttpConnectionPool.GetHttpConnectionAsync(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken),
at System.Net.Http.HttpConnectionPool.SendWithRetryAsync(HttpRequestMessage request, Boolean async, Boolean doRequestAuth, CancellationToken cancellationToken),
at System.Net.Http.RedirectHandler.SendAsync(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken),
at System.Net.Http.DiagnosticsHandler.SendAsyncCore(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken),
at System.Net.Http.HttpClient.SendAsyncCore(HttpRequestMessage request, HttpCompletionOption completionOption, Boolean async, Boolean emitTelemetryStartStop, CancellationToken cancellationToken),
at Microsoft.IdentityModel.Protocols.HttpDocumentRetriever.GetDocumentAsync(String address, CancellationToken cancel),
--- End of inner exception stack trace ---,
at Microsoft.IdentityModel.Protocols.HttpDocumentRetriever.GetDocumentAsync(String address, CancellationToken cancel),
at Microsoft.IdentityModel.Protocols.OpenIdConnect.OpenIdConnectConfigurationRetriever.GetAsync(String address, IDocumentRetriever retriever, CancellationToken cancel),
at Microsoft.IdentityModel.Protocols.ConfigurationManager1.GetConfigurationAsync(CancellationToken cancel),
--- End of inner exception stack trace ---,
at Microsoft.IdentityModel.Protocols.ConfigurationManager1.GetConfigurationAsync(CancellationToken cancel),
at Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler.HandleChallengeAsyncInternal(AuthenticationProperties properties),
at Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler.HandleChallengeAsync(AuthenticationProperties properties),
at Microsoft.AspNetCore.Authentication.AuthenticationHandler`1.ChallengeAsync(AuthenticationProperties properties),
at Microsoft.AspNetCore.Authentication.AuthenticationService.ChallengeAsync(HttpContext context, String scheme, AuthenticationProperties properties),
at Microsoft.AspNetCore.Authorization.Policy.AuthorizationMiddlewareResultHandler.HandleAsync(RequestDelegate next, HttpContext context, AuthorizationPolicy policy, PolicyAuthorizationResult authorizeResult),
at Microsoft.AspNetCore.Authorization.AuthorizationMiddleware.Invoke(HttpContext context),
at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context),
at Microsoft.AspNetCore.Localization.RequestLocalizationMiddleware.Invoke(HttpContext context),
at NWebsec.AspNetCore.Middleware.Middleware.CspMiddleware.Invoke(HttpContext context),
at NWebsec.AspNetCore.Middleware.Middleware.MiddlewareBase.Invoke(HttpContext context),
at NWebsec.AspNetCore.Middleware.Middleware.MiddlewareBase.Invoke(HttpContext context),
at NWebsec.AspNetCore.Middleware.Middleware.MiddlewareBase.Invoke(HttpContext context),
at NWebsec.AspNetCore.Middleware.Middleware.MiddlewareBase.Invoke(HttpContext context),
at Microsoft.AspNetCore.Diagnostics.ExceptionHandlerMiddleware.g__Awaited|6_0(ExceptionHandlerMiddleware middleware, HttpContext context, Task task),

The document URL opens OK on my local machine: http://authdemo.local-ids4.com/.well-known/openid-configuration (image)

By the way, both deployments on IIS have no problems. I look forward to your answers, thank you.

chungonion commented 2 years ago

You host that on Docker, right? You should ensure the domain name can be correctly resolved within the Docker container.
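
A check for the point made in the reply above, as an added example that is not part of the thread or the project: it performs the name lookup from whatever network namespace it runs in and flags metadata fetched over plain HTTP. The `getent` lookup, the function names and the suggested `--network-alias` / `--add-host` remedies are assumptions about this setup, not something the thread confirms.

```shell
#!/bin/sh
# Added example, not code from the issue or the project.
# Checks whether an OpenID Connect authority can be looked up from the
# network namespace this script runs in (for example inside admin-ids4).

# Print the host part of a URL: scheme, userinfo, port and path removed.
authority_host() {
    printf '%s\n' "$1" |
        sed -e 's|^[A-Za-z][A-Za-z0-9+.-]*://||' \
            -e 's|[/?#].*$||' \
            -e 's|^[^@]*@||' \
            -e 's|:[0-9]*$||'
}

# Return 0 when the name resolves through the local resolver (/etc/hosts,
# then DNS; on a user-defined Docker network that is Docker's embedded DNS).
# Assumption: getent is available, as on glibc-based images.
resolves() {
    getent hosts "$1" >/dev/null 2>&1
}

# Report on one discovery URL; returns 1 when the host cannot be resolved.
check_authority() {
    url=$1
    host=$(authority_host "$url")
    case $url in
        https://*) ;;
        *) echo "WARN: metadata and signing keys are fetched without TLS: $url" ;;
    esac
    if resolves "$host"; then
        echo "OK:   $host resolves in this namespace"
    else
        echo "FAIL: $host does not resolve here (same root cause as"
        echo "      'SocketException: Name or service not known')"
        echo "      hint: start the STS container with --network-alias $host"
        echo "      on the shared network, or start this one with --add-host"
        return 1
    fi
}

# Stand-alone use: sh check.sh <discovery-url>
if [ "$#" -gt 0 ]; then
    check_authority "$1"
fi
```

Run it where the failing request originates, for example `docker exec -i admin-ids4 sh -s -- 'http://authdemo.local-ids4.com/.well-known/openid-configuration' < check.sh` (`check.sh` is a hypothetical file name); a name that resolves on the host but fails here is defined only on the host.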

Olek-HZQ commented 2 years ago

Yes, I think so. I will test it in the future. I deployed on my own rented server and there was no problem. This demo is used to expose testing to people who need it:

Server: https://auth.poetrysharing.com
Management side: https://admin.poetrysharing.com
Administrator login account password:
Account: admin
Password: Qianxun123456%%