Identity Server 4. 使用自签名证书时出错
Identity Server 4. Getting error when using self-signed certificate
我有一个身份服务器、一个 Web API 和一个前端应用程序。通常它们在本地主机上 运行ning 并且工作正常。现在我需要 运行 我的本地 IP 地址上的应用程序。我将所有设置从 localhost:port 更改为 :port 并且我在 Web API:
中收到以下错误
System.InvalidOperationException: IDX20803: Unable to obtain configuration from: '<my_ip>:5003/.well-known/openid-configuration'.
---> System.IO.IOException: IDX20804: Unable to retrieve document from: '<my_ip>:5003/.well-known/openid-configuration'.
---> System.Net.Http.HttpRequestException: The SSL connection could not be established, see inner exception.
---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure.
我尝试生成一个自签名证书并添加到证书存储中,我在 SO 上尝试了很多解决方案,即 。我所做的就是从此错误和 Keyset does not exist
切换
这是我尝试加载证书的方式:
var key = Configuration["certBase64"]; // exported from store as x509 base64 encoded
var pfxBytes = Convert.FromBase64String(key);
var cert = new X509Certificate2(pfxBytes, "<certificate-pwd>", X509KeyStorageFlags.MachineKeySet);
builder.AddSigningCredential(cert);
我错过了什么?
更新
我还尝试为我的 IP 使用本地 DNS 名称。在我的路由器上,我设置了从 myapp.local 到 的转发。然后我创建了一个主题和 DNS 名称 = myapp.local 的自签名证书,但它没有帮助。
当前错误:
System.InvalidOperationException: IDX20803: Unable to obtain configuration from: 'myapp.local:5003/.well-known/openid-configuration'.
---> System.IO.IOException: IDX20804: Unable to retrieve document from: 'myapp.local:5003/.well-known/openid-configuration'.
---> System.Net.Http.HttpRequestException: The SSL connection could not be established, see inner exception.
---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure.
当您尝试使用 IP 地址连接到服务时,您不能使用 HTTPS 和证书。您必须始终拥有本地计算机信任的域名和有效证书。
我有一个身份服务器、一个 Web API 和一个前端应用程序。通常它们在本地主机上 运行ning 并且工作正常。现在我需要 运行 我的本地 IP 地址上的应用程序。我将所有设置从 localhost:port 更改为
System.InvalidOperationException: IDX20803: Unable to obtain configuration from: '<my_ip>:5003/.well-known/openid-configuration'.
---> System.IO.IOException: IDX20804: Unable to retrieve document from: '<my_ip>:5003/.well-known/openid-configuration'.
---> System.Net.Http.HttpRequestException: The SSL connection could not be established, see inner exception.
---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure.
我尝试生成一个自签名证书并添加到证书存储中,我在 SO 上尝试了很多解决方案,即 Keyset does not exist
这是我尝试加载证书的方式:
var key = Configuration["certBase64"]; // exported from store as x509 base64 encoded
var pfxBytes = Convert.FromBase64String(key);
var cert = new X509Certificate2(pfxBytes, "<certificate-pwd>", X509KeyStorageFlags.MachineKeySet);
builder.AddSigningCredential(cert);
我错过了什么?
更新
我还尝试为我的 IP 使用本地 DNS 名称。在我的路由器上,我设置了从 myapp.local 到
当前错误:
System.InvalidOperationException: IDX20803: Unable to obtain configuration from: 'myapp.local:5003/.well-known/openid-configuration'.
---> System.IO.IOException: IDX20804: Unable to retrieve document from: 'myapp.local:5003/.well-known/openid-configuration'.
---> System.Net.Http.HttpRequestException: The SSL connection could not be established, see inner exception.
---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure.
当您尝试使用 IP 地址连接到服务时,您不能使用 HTTPS 和证书。您必须始终拥有本地计算机信任的域名和有效证书。