Stuck on an issue?
Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
SSL Handshake issue on macOS Big Sur
See original GitHub issueSimply running this line of code that uses a DbContext with a SSL connection would result in this error.
using (var scope =
app.ApplicationServices.GetRequiredService<IServiceScopeFactory>().CreateScope())
using (var context = scope.ServiceProvider.GetService<DbContext>())
{
context?.Database.Migrate();
}
Application startup exception: Npgsql.NpgsqlException (0x80004005): Exception while performing SSL handshake
---> System.Security.Authentication.AuthenticationException: Authentication failed, see inner exception.
---> Interop+AppleCrypto+SslException: Internal error
--- End of inner exception stack trace ---
at System.Net.Security.SslStream.ForceAuthenticationAsync[TIOAdapter](TIOAdapter adapter, Boolean receiveFirst, Byte[] reAuthenticationData, Boolean isApm)
at System.Net.Security.SslStream.ProcessAuthentication(Boolean isAsync, Boolean isApm, CancellationToken cancellationToken)
at System.Net.Security.SslStream.AuthenticateAsClient(SslClientAuthenticationOptions sslClientAuthenticationOptions)
at System.Net.Security.SslStream.AuthenticateAsClient(String targetHost, X509CertificateCollection clientCertificates, SslProtocols enabledSslProtocols, Boolean checkCertificateRevocation)
at Npgsql.NpgsqlConnector.RawOpen(NpgsqlTimeout timeout, Boolean async, CancellationToken cancellationToken)
at Npgsql.NpgsqlConnector.RawOpen(NpgsqlTimeout timeout, Boolean async, CancellationToken cancellationToken)
at Npgsql.NpgsqlConnector.Open(NpgsqlTimeout timeout, Boolean async, CancellationToken cancellationToken)
at Npgsql.NpgsqlConnection.<>c__DisplayClass41_0.<<Open>g__OpenAsync|0>d.MoveNext()
--- End of stack trace from previous location ---
at Npgsql.NpgsqlConnection.Open()
at Npgsql.EntityFrameworkCore.PostgreSQL.Storage.Internal.NpgsqlDatabaseCreator.Exists()
at Microsoft.EntityFrameworkCore.Migrations.HistoryRepository.Exists()
at Microsoft.EntityFrameworkCore.Migrations.Internal.Migrator.Migrate(String targetMigration)
at Microsoft.EntityFrameworkCore.RelationalDatabaseFacadeExtensions.Migrate(DatabaseFacade databaseFacade)
at Nozomi.HistoricalJanitor.Startup.Configure(IApplicationBuilder app, IWebHostEnvironment env) in /Users/xxxxxx/Projects/xxxxx/xxxxx.HistoricalJanitor/Startup.cs:line 120
at System.RuntimeMethodHandle.InvokeMethod(Object target, Object[] arguments, Signature sig, Boolean constructor, Boolean wrapExceptions)
at System.Reflection.RuntimeMethodInfo.Invoke(Object obj, BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
at Microsoft.AspNetCore.Hosting.ConfigureBuilder.Invoke(Object instance, IApplicationBuilder builder)
at Microsoft.AspNetCore.Hosting.ConfigureBuilder.<>c__DisplayClass4_0.<Build>b__0(IApplicationBuilder builder)
at Microsoft.AspNetCore.Hosting.ConventionBasedStartup.Configure(IApplicationBuilder app)
at Microsoft.AspNetCore.HostFilteringStartupFilter.<>c__DisplayClass0_0.<Configure>b__0(IApplicationBuilder app)
at Microsoft.AspNetCore.Hosting.WebHost.BuildApplication()
https://gist.github.com/nixxholas/80b16f82fe8f0e04676d2ffcfe7a7a25
Running these on localhost would work fine tho. But when the local server (mac) connects to a GCP SQL server that has SSL, it fails.
Issue Analytics
- State:
- Created 3 years ago
- Comments:7 (4 by maintainers)
Top Results From Across the Web
SSL doesn't work in anything other than Safari on MacOS Big ...
Issue Summary SSL/HTTPS no longer works in anything other than Safari on MacOS Big Sur. On Firefox, Chrome, Opera, etc.
Read more >Mac App Store “An SSL error has occurred and a secure ...
Many Mac users are currently unable to download macOS Big Sur. This could be due to overwhelmed servers, or a number of other...
Read more >Server / SSL error when downloading large files
Server / SSL error when downloading large files · Clearing browser data, including cache, cookies and history · Verifying device's data and time....
Read more >Getting SSL Errors today? This is why.
I'm having this problem. A lot of websites are causing Chrome to show "NET::ERR_CERT_DATE_INVALID". I'm on an old MacBook Air running MacOS ...
Read more >macos - Mac OSX python ssl.SSLError ...
I had the same issue with macOS Big Sur. Here is what I did to solve the issue. IDE - Pycharm. Python Version...
Read more >
Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free
Top Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Yeah, very likely. Another thing I’d try, would be to connect from macOS to GCP PG outside of Npgsql (e.g. just with libpq or the Java driver); the issue may be in macOS’s SSL implementation, or in GCP’s, or possibly in .NET’s wrapping for macOS… But not in Npgsql…
@nixxholas thanks for flagging this - but it’s very likely to be some compatibility/setup issue between .NET SslStream, the mac SSL implementation, and possibly GCP. Npgsql doesn’t do any of its own SSL - it simply delegates that task to the standard .NET SslStream.
First, does the same error occur with Linux/Windows as the client? That would help focus attention on the right area.
Second, I’d produce a minimal code sample with Npgsql (no EF Core), to make it more minimal. Just trying to open a connection should produce the exact same error.
At that point we’d probably file this as a bug on https://github.com/dotnet/runtime.