Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Kestrel could not be started. #151

Open
W-Maxo opened this issue Oct 27, 2020 · 6 comments
Open

Kestrel could not be started. #151

W-Maxo opened this issue Oct 27, 2020 · 6 comments

Comments

@W-Maxo
Copy link

W-Maxo commented Oct 27, 2020
edited
Loading

Dear @ffMathy

Kestrel could not be started when used "https://" + DomainToUse.

CaptureLE23
@OlegJakushkin
Copy link

Encountered the same exact problem when publishing into Portable build on Windows server.

Solution:

  1. Add cert. persistence code alike
            services.AddFluffySpoonLetsEncryptCertificatePersistence(
                async (key, bytes) => await File.WriteAllBytesAsync("certificate_" + key + ".pfx", bytes),
                async (key) =>
                {
                    byte[] result = null;
                    try
                    {
                        result = await File.ReadAllBytesAsync("certificate_" + key + ".pfx");
                    }
                    catch (Exception e)
                    {
                        //Log stuff
                    }

                    return result;
                });
  1. Add localhost certificate via cmd
dotnet dev-certs https --trust
  1. Compile, publish, Run once - it will generate certificates
  2. Revoke localhost certificate via cmd-> mmc-> file -> Add/Remove -> Certificates -> My User -> Finish -> Ok; In Personal certificates you'll find an item to remove.
  3. In appsettings.json add something like:
{
  "Logging": {
    "LogLevel": {
      "Default": "Information",
      "Microsoft": "Warning",
      "Microsoft.Hosting.Lifetime": "Information"
    }
  },
  "AllowedHosts": "*",
   "Kestrel": {
    "Certificates": {
      "Default": {
        "Path": "./certificate_Site.pfx",
        "Password": "FluffySpoon"
      }
    }
  }
}

Service\App will run. And display stuff like this:

image

Yet this bug probably kills all stuff related to certificate autoupdate and certificate password dynamical changes...

image

@ffMathy
Copy link
Owner

ffMathy commented Nov 20, 2020

Don't have a lot of time lately. PRs are welcome and appreciated! ❤️🙏

@MarkCiliaVincenti
Copy link

Have the same issue running Kestrel on Linux, .NET 5

FluffySpoon.AspNet.LetsEncrypt 1.163 works fine
FluffySpoon.AspNet.EncryptWeMust 1.169 and 1.171 throw that exception

@MarkCiliaVincenti
Copy link

Gave up and revered back to FluffySpoon.AspNet.LetsEncrypt. Too many bugs with FluffySpoon.AspNet.EncryptWeMust and the project looks dead.

@she2
Copy link

she2 commented Jan 25, 2022

I am having this same issue running Kestrel on Linux with .Net 6

@MarkCiliaVincenti
Copy link

I am having this same issue running Kestrel on Linux with .Net 6

I ended up creating https://www.nuget.org/packages/TlsCertificateLoader/ which I'm using with the industry-standard Certbot handling the actual renewals. This package allows loading of TLS (HTTPS) certificates for .NET 6.0 Kestrel web applications, allowing for refreshing of certificates as well as compatibility with HTTP/3, and tested well on Linux.

Viir added a commit to pine-vm/pine that referenced this issue Mar 23, 2024
@Viir
Work around problems with asynchronous SSL certificate arrival
3c82179 
Work around the problem with ASP.NET crashing because SSL certificates arrive ordered via LetsEncrypt arrive after starting the app: Disable HTTPS for a first start, if we find the certificate is not available. Later, if the HTTPS certificate has arrived, restart the ASP.NET host with the HTTPS URLS.
For discussion of this issue, see:

+ <ffMathy/FluffySpoon.AspNet.EncryptWeMust#151>
+ <natemcmaster/LettuceEncrypt#293>

Also, update the LetsEncrypt library and Certes to integrate various  recent upstream improvements.
Viir added a commit to pine-vm/pine that referenced this issue Mar 24, 2024
@Viir
Work around problems with asynchronous SSL certificate arrival
338f4fd 
Work around the problem with ASP.NET crashing because SSL certificates arrive ordered via LetsEncrypt arrive after starting the app: Disable HTTPS for a first start, if we find the certificate is not available. Later, if the HTTPS certificate has arrived, restart the ASP.NET host with the HTTPS URLS.
For discussion of this issue, see:

+ <ffMathy/FluffySpoon.AspNet.EncryptWeMust#151>
+ <natemcmaster/LettuceEncrypt#293>
+ <dotnet/aspnetcore#26258>
+ <dotnet/aspnetcore#45801>

Also, update the LetsEncrypt library and Certes to integrate various  recent upstream improvements.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@she2 @ffMathy @OlegJakushkin @MarkCiliaVincenti @W-Maxo