net::ERR_CERT_AUTHORITY_INVALID in ASP.NET Core

I am getting the net::ERR_CERT_AUTHORITY_INVALID error in ASP.NET Core when I try to request my Web API from an SPA.

The first solution to fix the issue was to go my ASP.NET Core address from browser AdvancedProceed to localhost (unsafe) and after that the requests from my SPA would work. But I would have to repeat the procedure each time I am starting to work on my project.

net::ERR_CERT_AUTHORITY_INVALID in ASP.NET Core

Another solution I found was this. In a nutshell the solution is to run the command: dotnet dev-certs https --trust. I am on Windows, so according to the linked article On Windows it'll get added to the certificate store.

But after I run the command I am still getting the net::ERR_CERT_AUTHORITY_INVALID issue on requests. What could I do about it?

Answers:

Thank you for visiting the Q&A section on Magenaut. Please note that all the answers may not help you solve the issue immediately. So please treat them as advisements. If you found the post helpful (or not), leave a comment & I’ll get back to you as soon as possible.

Method 1

Running the command dotnet dev-certs https --trust will create a self-signed certificate in your device. This certificate will be issued to the localhost domain. In my case, after running it, the certificate was created but it was not added to “Trusted Root Certification Authorities”.

net::ERR_CERT_AUTHORITY_INVALID in ASP.NET Core

To add the certificate, you will need to open certmgr.msc (win+r and run certmgr.msc), then go to “Personal” certificates and export the .cer certificate issued to localhost with the correct expiration time.

If you cannot find the certificate there, you can go to the browser and click on the not secure connection icon, then open the invalid certificate and go to the Details tab and click “Copy to File…”, which should create also a .cer certificate.

net::ERR_CERT_AUTHORITY_INVALID in ASP.NET Core

Next, go to “Trusted Root Certification Authorities” and import the certificate there. Once that is done, the certificate will be valid in your local machine. You may need to restart the browser and the service.

Method 2

In your application, add a reference to the Microsoft.AspNetCore.Authentication.Certificate via NuGet package. Then in the Startup.ConfigureServices method write this:

public void ConfigureServices(IServiceCollection services)
{
    services.AddAuthentication(
        CertificateAuthenticationDefaults.AuthenticationScheme)
        .AddCertificate();

    // All other service configuration
}

Also add app.UseAuthentication(); in the Startup.Configure method. Otherwise, the HttpContext.User will not be set to ClaimsPrincipal
public void Configure(IApplicationBuilder app, IHostingEnvironment env)
{
   app.UseAuthentication();

    // All other app configuration
}

Source: https://docs.microsoft.com/en-us/aspnet/core/security/authentication/certauth?view=aspnetcore-3.1

Method 3

I followed these steps and it didn’t stop the “Not secure” message appearing in Chrome. So then I tried commenting the following line //app.UseHttpsRedirection(); in startup.cs in the Configure() method and it fixed the problem.


All methods was sourced from stackoverflow.com or stackexchange.com, is licensed under cc by-sa 2.5, cc by-sa 3.0 and cc by-sa 4.0

0 0 votes
Article Rating
Subscribe
Notify of
guest

0 Comments
Inline Feedbacks
View all comments
0
Would love your thoughts, please comment.x
()
x