Hello when I try to add "iisExpress": {"applicationUrl": "http://localhost:48000; http://localhost:48001","sslPort": 0} second uri I receive "Invali URI : Invalid port specified". Do you have an idea what should I do ?
My purpose is add and test Hsts for security for my existing api . I receive error while following this guide =>
How to Implement HSTS header in ASP.Net Core 6.0?
Related
Hi there I am trying to communicate two aplications (both APIs) in the same cluster on kubernetes(from openshift) but in a different namespace...
When I send the httpclient request using regular URL I get a SSL error because the route "leaves" the internal network and "comes back". With a advice I changed the comunication using my service name (mapped on the pods)... Now I don't get the error but the HTTRESPONSE I gete is Null, with no error or statuscode:
Here is how I configured the service name:
http://servicename.projectname.svc.cluster.local:8080/
If i change the port to 8080 or use http I get the error "no route to host" but the route is set. But the HOST field below is set to the URL and not the cluster host, could the problem be this?
Solved by setting the certificate in the pipeline (yaml) so it is applied in the pods
I created a Asp.Net Core app with Visual Studio and used the publish option of VS to publish my app on my Azure account.
After publishing it, I used the link to access my website but I get a "HTTP Error 500.30 - ASP.NET Core app failed to start"
I went to the console in Azure to manually start my app and have more detail about the issue and I got this.
Not really sure how to solve this issue with my port
Below is the code from program.cs
var connectionString = builder.Configuration.GetConnectionString("LocalConnection");
builder.Services.AddDbContext<LotharDataBaseContext>(options =>
options.UseSqlServer(connectionString));
builder.Services.AddControllersWithViews();
builder.Services.AddAuthentication(NegotiateDefaults.AuthenticationScheme)
.AddNegotiate();
builder.Services.AddAuthorization(options =>
{
// By default, all incoming requests will be authorized according to the default policy.
options.FallbackPolicy = options.DefaultPolicy;
});
builder.Services.AddRazorPages();
var app = builder.Build();
// Configure the HTTP request pipeline.
if (!app.Environment.IsDevelopment())
{
app.UseExceptionHandler("/Home/Error");
// The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
app.UseHsts();
}
app.UseHttpsRedirection();
app.UseStaticFiles();
app.UseRouting();
app.UseAuthentication();
app.UseAuthorization();
app.MapControllerRoute(
name: "default",
pattern: "{controller=Home}/{action=Index}/{id?}");
app.Run();
Through your screenshot, I saw Kestrel, so I think, the webapp you created should be on linux platform. The port occupancy on your screenshot is expected behavior, it shouldn't be the root cause. Since the site is already running, and you manually command it to start again, this error should appear.
I suggest you provide your Program.cs file first, we need to look at UseUrls, or the code for UseKestrel.
How to check the logs when start webapp:
open you kudu site, url should be https://your_app_name.scm.azurewebsites.net
open newui, https://your_app_name.scm.azurewebsites.net/newui
steps:
In this default_docker.log file, we will get useful message.
Steps you can try:
Try to add .UseIIS, and we know your platform is linux.
Kestrel address binding errors in azure app service
Remove .UseUrls(), and re-deploy your webapp.
In my case, i was using the azure sql database so changing the connection string of database to use tcp protocol and 1433 as port, resolved this problem.
e-g
Server=tcp:<ServerName>.database.windows.net,1433;Initial Catalog=<DatabaseName>
I am trying to enable external request on my web api running with iis express. To work with my xamarin project - Emulator.
I followed this doc : https://learn.microsoft.com/fr-fr/aspnet/web-api/overview/security/working-with-ssl-in-web-api
And I tried to follow this one too :
https://learn.microsoft.com/en-us/iis/extensions/using-iis-express/handling-url-binding-failures-in-iis-express#serving-external-traffic
But I can't run this command write in this doc : netsh http add sslcert ipport=0.0.0.0:44300 certhash= appid={00112233-4455-6677-8899-AABBCCDDEEFF}
"Failed to add SSL certificate; error: 183
An existing file cannot be created. "
(I use the redirection http to https.)
Any adivce ?
Recently I developed a asp.net core 2.0 web app in my company and in debug mode works perfect, however when I deployed in our testing server into IIS and we try to execute from a client machine it ran into a problem:
An unhandled exception occurred while processing the request.
CryptographicException: The key {0851ad3b-df33-4cf7-8c3a-5c637adaa713} was not found in the key ring.
Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingBasedDataProtector.UnprotectCore(Byte[] protectedData, bool allowOperationsOnRevokedKeys, out UnprotectStatus status)
InvalidOperationException: The antiforgery token could not be decrypted.
Microsoft.AspNetCore.Antiforgery.Internal.DefaultAntiforgeryTokenSerializer.Deserialize(string serializedToken)
The problem starts when I submmit login page. I investigated links with same problems here and other blogs, but I found that has to be with ValidateAntiForgeryToken and solution is related with Microsoft.AspNetCore.DataProtection. I added nuget package Microsoft.AspNetCore.DataProtection.Redis to my project and I added in ConfigureServices of startup class following code:
var redis = ConnectionMultiplexer.Connect("192.168.10.151:80");
services.AddDataProtection().PersistKeysToRedis(redis, "DataProtection-Keys");
services.AddOptions();
Our testing server ip is 192.168.10.151, however app throws following exception:
RedisConnectionException: It was not possible to connect to the redis server(s); to create a disconnected multiplexer, disable AbortOnConnectFail. InternalFailure on PING
¿Why it doesn't connect since is resolving in the same web app server?
¿Where is DataProtection-Keys database located?
as a workaround, I changed method by using PersistKeysToFileSystem as follows:
services.AddDataProtection()
.SetApplicationName("myapp-portal")
.PersistKeysToFileSystem(new System.IO.DirectoryInfo (#"c:\ProgramData\dpkeys"));
However running app in test server 192.168.10.151, when login form is submitted, goes back to login page. Checking stdout log file, only shows:
Hosting environment: Production
Content root path: C:\inetpub\wwwroot\OmniPays
Now listening on: http://localhost:30064
Application started. Press Ctrl+C to shut down.
Checking network messages by chrome's developers tools I noticed something:
Request URL: http://192.168.10.151/OmniPays/Account/Login
Request Method: POST
Status Code: 302 Found
Remote Address: 192.168.10.151:80
Referrer Policy: no-referrer-when-downgrade
and then ...
Request URL: http://192.168.10.151/OmniPays/Home/Main
Request Method: GET
Status Code: 302 Found
Remote Address: 192.168.10.151:80
Referrer Policy: no-referrer-when-downgrade
AccountController's Login action redirect request to HomeController's Main action only if authentication succeded, and Main action has [Authorize] attribute. For some reasons I can't achieve understand, Main action fails and return to Login page. URL in chrome shows: http://192.168.10.151/OmniPays/Account/Login?ReturnUrl=%2FOmniPays%2FHome%2FMain
I'm using Microsoft Identity. In debug mode works fine and if I deploy app in my local PC on IIS also works fine. ¿Maybe any SDK is missing in the server?
Please need help!!
Solution was found! the cause of problem was not in IIS neither the Server, connection to the server is using http rather than https, no certifies involved to validate secure connection, however testing in differents servers app works ok, so I felt really disappointed. Solution was to remove cookies an any data related with this URL pointing to Development Server (failing) in all browsers, data that was previously stored, and voila!!, now app works perfect. By default, as bhmahler comments data protection is made in memory and I left configuration by default, I mean, not explicitly persistence in redis nor PersistKeysToFileSystem and works fine, however is important to set DataProtection to strong data sensitive protection.
I'm newbie about these topics and It's unbelievable such a simple thing caused on me that waste of time. Thanks to all!.
My ASP.NET Application uses Windows authentication. I hosted the application in IIS and tried to access the application from the same server. I am able to access the application without error. But when I try to access the same application outside the server I am getting the error below:
The resource cannot be found. Description: HTTP 404. The resource you
are looking for (or one of its dependencies) could have been removed,
had its name changed, or is temporarily unavailable. Please review
the following URL and make sure that it is spelled correctly.
Requested URL: /FacetsUserSetupApp/home.aspx
The surprising part is I am getting this error only sometimes. It is working fine some other times. I am unsure of how this behavior is occurring.
The IIS trace log shows the below message when the error occurs:
2013-06-10 15:14:32 10.0.40.168 GET /FacetsUserSetupApp/Home.aspx - 80
- 10.4.43.41 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727;+.NET+CLR+3.0.04506.648;+.NET+CLR+3.5.21022;+.NET+CLR+3.0.4506.2152;+.NET+CLR+3.5.30729;+InfoPath.3;+MS-RTC+LM+8;+.NET4.0C;+.NET4.0E;+MS-RTC+LM+8)
401 2 5 140
2013-06-10 15:14:33 ::1 POST /FacetsUserSetupService/Service1.svc - 80
- ::1 - 200 0 0 781
2013-06-10 15:14:33 ::1 POST /FacetsUserSetupService/Service1.svc - 80
- ::1 - 200 0 0 15
Please help me resolving this.
It seems that you are getting a 401.2 status code:
HTTP 401.2: Denied by server configuration
Description
The client browser and IIS could not agree on an authentication
protocol.
Common reasons
No authentication protocol (including anonymous) is selected in IIS. At least one authentication type must be selected. For more
information, click the following article number to view the article in
the Microsoft Knowledge Base:
253667 Error message: HTTP 401.2 - Unauthorized: Logon failed due to server configuration
with no authentication
Only Integrated authentication is enabled, and an older, non-Internet Explorer client browser tries to access the site. This
happens because the client browser cannot perform Integrated
authentication. To resolve this problem, use one of the following
methods:
Configure IIS to accept Basic authentication. This should only occur over SSL for security purposes.
Use a client browser that can perform Integrated authentication. Internet Explorer and new versions of Netscape Navigator and Mozilla
Firefox can perform Integrated authentication.
Integrated authentication is through a proxy. This happens because the proxy doesn't maintain the NTLM-authenticated connection
and thus sends an anonymous request from the client to the server.
Options to resolve this problem are as follows:
Configure IIS to accept Basic authentication. This should only occur over SSL for security purposes.
Don't use a proxy.
Probably the problem occurs because of the proxy.
Also just to make sure that everything is properly configured, check these troubleshooting / configuration links:
Error message when you try to visit a Web page that is hosted on IIS 7.0: "HTTP Error 401.2 - Unauthorized"
Windows Authentication <windowsAuthentication>