Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

.net 5.0 SSL certificate failed to run in Linux system

See original GitHub issue

The configuration file is as follows

  "Kestrel": {
    "Endpoints": {
      "Http": {
        "Url": "http://0.0.0.0:1116"
      },
      "HttpsInlineCertFile": {
        "Url": "https://localhost:5001",
        "Certificate": {
          "Path": "4896942_vx.jjbbl.com.pfx",
          "Password": "B0rEh8gi"
        }
      }
      
    }
  },

The certificate file is as follows certificate file

The following error is reported in CentOS 7

crit: Microsoft.AspNetCore.Server.Kestrel[0]
      Unable to start Kestrel.
      System.ArgumentOutOfRangeException: Index was out of range. Must be non-negative and less than the size of the collection. (Parameter 'index')
         at System.Security.Cryptography.X509Certificates.X509ChainElementCollection.get_Item(Int32 index)
         at System.Net.Security.SslStreamCertificateContext.Create(X509Certificate2 target, X509Certificate2Collection additionalCertificates, Boolean offline)
         at Microsoft.AspNetCore.Server.Kestrel.Https.Internal.HttpsConnectionMiddleware..ctor(ConnectionDelegate next, HttpsConnectionAdapterOptions options, ILoggerFactory loggerFactory)
         at Microsoft.AspNetCore.Hosting.ListenOptionsHttpsExtensions.<>c__DisplayClass12_0.<UseHttps>b__0(ConnectionDelegate next)
         at Microsoft.AspNetCore.Server.Kestrel.Core.ListenOptions.Build()
         at Microsoft.AspNetCore.Server.Kestrel.Core.KestrelServerImpl.<>c__DisplayClass29_0`1.<<StartAsync>g__OnBind|0>d.MoveNext()
      --- End of stack trace from previous location ---
         at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.AddressBinder.BindEndpointAsync(ListenOptions endpoint, AddressBindContext context)
         at Microsoft.AspNetCore.Server.Kestrel.Core.ListenOptions.BindAsync(AddressBindContext context)
         at Microsoft.AspNetCore.Server.Kestrel.Core.AnyIPListenOptions.BindAsync(AddressBindContext context)
         at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.AddressBinder.EndpointsStrategy.BindAsync(AddressBindContext context)
         at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.AddressBinder.BindAsync(IEnumerable`1 listenOptions, AddressBindContext context)
         at Microsoft.AspNetCore.Server.Kestrel.Core.KestrelServerImpl.BindAsync(CancellationToken cancellationToken)
         at Microsoft.AspNetCore.Server.Kestrel.Core.KestrelServerImpl.StartAsync[TContext](IHttpApplication`1 application, CancellationToken cancellationToken)
Unhandled exception. System.ArgumentOutOfRangeException: Index was out of range. Must be non-negative and less than the size of the collection. (Parameter 'index')
   at System.Security.Cryptography.X509Certificates.X509ChainElementCollection.get_Item(Int32 index)
   at System.Net.Security.SslStreamCertificateContext.Create(X509Certificate2 target, X509Certificate2Collection additionalCertificates, Boolean offline)
   at Microsoft.AspNetCore.Server.Kestrel.Https.Internal.HttpsConnectionMiddleware..ctor(ConnectionDelegate next, HttpsConnectionAdapterOptions options, ILoggerFactory loggerFactory)
   at Microsoft.AspNetCore.Hosting.ListenOptionsHttpsExtensions.<>c__DisplayClass12_0.<UseHttps>b__0(ConnectionDelegate next)
   at Microsoft.AspNetCore.Server.Kestrel.Core.ListenOptions.Build()
   at Microsoft.AspNetCore.Server.Kestrel.Core.KestrelServerImpl.<>c__DisplayClass29_0`1.<<StartAsync>g__OnBind|0>d.MoveNext()
--- End of stack trace from previous location ---
   at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.AddressBinder.BindEndpointAsync(ListenOptions endpoint, AddressBindContext context)
   at Microsoft.AspNetCore.Server.Kestrel.Core.ListenOptions.BindAsync(AddressBindContext context)
   at Microsoft.AspNetCore.Server.Kestrel.Core.AnyIPListenOptions.BindAsync(AddressBindContext context)
   at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.AddressBinder.EndpointsStrategy.BindAsync(AddressBindContext context)
   at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.AddressBinder.BindAsync(IEnumerable`1 listenOptions, AddressBindContext context)
   at Microsoft.AspNetCore.Server.Kestrel.Core.KestrelServerImpl.BindAsync(CancellationToken cancellationToken)
   at Microsoft.AspNetCore.Server.Kestrel.Core.KestrelServerImpl.StartAsync[TContext](IHttpApplication`1 application, CancellationToken cancellationToken)
   at Microsoft.AspNetCore.Hosting.GenericWebHostService.StartAsync(CancellationToken cancellationToken)
   at Microsoft.Extensions.Hosting.Internal.Host.StartAsync(CancellationToken cancellationToken)
   at Microsoft.Extensions.Hosting.HostingAbstractionsHostExtensions.RunAsync(IHost host, CancellationToken token)
   at Microsoft.Extensions.Hosting.HostingAbstractionsHostExtensions.RunAsync(IHost host, CancellationToken token)
   at Microsoft.Extensions.Hosting.HostingAbstractionsHostExtensions.Run(IHost host)
   at ScottBrady.Pem.Kestrel.Program.Main(String[] args) in C:\Users\leus\Downloads\Blog-Example-Classes-master\Blog-Example-Classes-master\Pem Loading in .NET Core and .NET 5\ScottBrady.Pem.Kestrel\Program.cs:line 11

Issue Analytics

  • State:closed
  • Created 3 years ago
  • Reactions:2
  • Comments:24 (12 by maintainers)

github_iconTop GitHub Comments

1reaction
hvidgaardcommented, Jan 15, 2021

I can confirm that installing the root CA fixes the problem at our end, and I expect the next bugfix release (5.0.3) works without the workaround. Thanks for the help @wfurt, it is much appreciated.

1reaction
hvidgaard-imscommented, Dec 14, 2020

Any progress on this? It’s blocking our upgrade from core3.1 to net5.0 with the exact same error.

Read more comments on GitHub >

github_iconTop Results From Across the Web

How to fix "Unable to configure HTTPS endpoint." on linux ...
Solution. There are several options to go, and I suggest you switch to the loading method that allow you to specify a certificate...
Read more >
Getting ASP.NET Core dev certs working in both WSL and ...
The SSL certificate being used for the ASP.NET applications by default, is not trusted by the system, even if it is a self-signed...
Read more >
Enforce HTTPS in ASP.NET Core
Requests to an endpoint using HTTP that are redirected to HTTPS by UseHttpsRedirection fail with ERR_INVALID_REDIRECT on the CORS preflight ...
Read more >
How to Fix the NET::ERR_CERT_AUTHORITY_INVALID ...
The NET::ERR_CERT_AUTHORITY_INVALID error occurs when a website's SSL certificate isn't trusted by the browser. Learn what's causing it and ...
Read more >
Configure certificate authentication in ASP.NET Core
Learn how to configure certificate authentication in ASP.NET Core for IIS and HTTP.sys.
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

Blazor Virtualize: ItemsProvider called repeatedly after scrolling just far enough to load more items

Next page

Blazor WebAssembly: Link that opens page in new tab causes freeze in original page (in Edge browser)