Use global error handling to catch CertificateAuthenticationHandler errors leading to http response status 403 (forbidden)

[abrasat]

Thanks for the very good article and for the code sample! I tried to use the approach from the sample to handle asp net core errors in case of invalid certificates rejected by the microsoft certificate authentication handler. The authentication handler identifies for instance an expired certificate (the generated log message is "Microsoft.AspNetCore.Authentication.Certificate.CertificateAuthenticationHandler @ LogMessage : Certificate validation failed, subject was CN=xxx. NotTimeValid...") and sends a 403 http response status to the client. I would like to add a middleware to "catch" the exception leading to the http response 403, in view to add a "response details" information. Unfortunately no exception is generated in the CustomExceptionMiddleware from the sample.... Is there some other mechanism available to handle the http response status 403?