Asp.Net: Errors when changing server certificate

I want to create a gRPC server in my local network and have to run it via SSL. For various reasons, I cannot use a self-signed certificate, so I created my own root CA and imported it to my PCs root trust store. I then created a new certificate from that root CA. In a really bare bones ASP.NET application (even without gRPC) changing the server certificate to my created certificate will not establish a secure connection when called from any browser via HTTPS. The debug logged error message reads as follows:
dbug: Microsoft.AspNetCore.Server.Kestrel.Https.Internal.HttpsConnectionMiddleware[1]
Failed to authenticate HTTPS connection.
System.Security.Authentication.AuthenticationException: Authentication failed, see inner exception.
---> System.ComponentModel.Win32Exception (0x80090327): An unknown error occurred while processing the certificate.
--- End of inner exception stack trace ---
at System.Net.Security.SslStream.ForceAuthenticationAsync[TIOAdapter](Boolean receiveFirst, Byte[] reAuthenticationData, CancellationToken cancellationToken)
at System.Net.Security.SslStream.ProcessAuthenticationWithTelemetryAsync(Boolean isAsync, CancellationToken cancellationToken)
at Microsoft.AspNetCore.Server.Kestrel.Https.Internal.HttpsConnectionMiddleware.OnConnectionAsync(ConnectionContext context)
dbug: Microsoft.AspNetCore.Server.Kestrel.Https.Internal.HttpsConnectionMiddleware[1]
Failed to authenticate HTTPS connection.
System.Security.Authentication.AuthenticationException: Authentication failed, see inner exception.
---> System.ComponentModel.Win32Exception (0x80090327): An unknown error occurred while processing the certificate.
--- End of inner exception stack trace ---
at System.Net.Security.SslStream.ForceAuthenticationAsync[TIOAdapter](Boolean receiveFirst, Byte[] reAuthenticationData, CancellationToken cancellationToken)
at System.Net.Security.SslStream.ProcessAuthenticationWithTelemetryAsync(Boolean isAsync, CancellationToken cancellationToken)
at Microsoft.AspNetCore.Server.Kestrel.Https.Internal.HttpsConnectionMiddleware.OnConnectionAsync(ConnectionContext context)
I have no further idea where to intercept to maybe get a better look at this issue or what exactly is supposedly wrong with the certificate. I also should clarify, that I had to create a pfx file from my initially created pem certificate, as with pem certificates, Windows seems to have issues if the key is stored separately from the certificate file. Since those certificates are tailored to my current environment, I can only really give you this description and my bare bones project as reproduction. I want to access the server directly via IP, and it does work without setting my own certificate.
0 Replies
No replies yetBe the first to reply to this messageJoin
Want results from more Discord servers?
Add your server