Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Regression: Certificate validation does no longer work on linux machines when upgrading from 3.0.6 to 3.0.7 or 3.0.8

See original GitHub issue

I used to build an instance of IMqttClientOptions as follows:

private IMqttClientOptions GetConnectOptions()
{
    var builder = new MqttClientOptionsBuilder()
        .WithCleanSession()
        .WithTcpServer(Configuration.Host, Configuration.Port)
        .WithProtocolVersion(MqttProtocolVersion.V311);

    if (Configuration.Auth.Enable)
    {
        builder.WithCredentials(Configuration.Auth.Username, Configuration.Auth.Password);
    }

    if (Configuration.Ssl.Enable)
    {
        builder.WithTls(parameters =>
        {
            parameters.UseTls = true;
            parameters.AllowUntrustedCertificates = Configuration.Ssl.AllowUntrustedCertificates;
        });
    }
            
    return builder.Build();
}

This used to work fine, also for ssl connections with letsencrypt certificates and AllowUntrustedCertificates=false. By bumping the version to 3.0.7 or newer it still works on windows. It doesn’t on a linux (ubuntu bionic) machine where it fails with the error message The remote certificate is invalid according to the validation procedure..

Issue Analytics

  • State:closed
  • Created 4 years ago
  • Reactions:6
  • Comments:5 (3 by maintainers)

github_iconTop GitHub Comments

6reactions
dpsennercommented, Dec 13, 2019

Bumping the application from netcoreapp2.2 to netcoreapp3.1 resolves the problem.

0reactions
chkr1011commented, Dec 5, 2022

I assume this issue is solved with the upgrade to netcoreapp3.1.

Read more comments on GitHub >

github_iconTop Results From Across the Web

Certificate validation does no longer work on linux ...
Regression : Certificate validation does no longer work on linux machines when upgrading from 3.0.6 to 3.0.7 or 3.0.8 #819.
Read more >
OpenSSL Issues Update to Fix Formerly 'Critical' ...
Note: You do not need to update your SSL/TLS certificate. The vulnerability is only in the OpenSSL software and not in the certificate...
Read more >
OpenSSL 3.0.7
This function is used when decoding certificates or keys. If a long lived process periodically decodes certificates or keys its memory usage will...
Read more >
Apt-Get Update Failing because of Certificate Validation
Certificate verification failed: The certificate is NOT trusted. The certificate issuer is unknown. Could not handshake:.
Read more >
18.04 - apt-get update failed because certificate verification ...
This disables apt's OCSP verification, and is not recommended. ... Run apt update to get the new ca-certificates info. Run apt install ca- ......
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

No Namespace in documentation !

Next page

Decouple connection middleware from MQTTnet.AspnetCore