1

There are many similar topics with same issue, but nothing relevant to my issue on Identity server. Probably am still failing to understand this. I am trying to implement identity server authentication by recreating this sample

Sample GetToken() method is working fine, but when I call GetToken() method in my application I get error

The remote certificate is invalid according to the validation procedure. I am realy not sure how semple working fine, but my code does not.

This is code

public async Task<ActionResult> GetToken()
{
    var client = new TokenClient(
        "https://localhost:44331/connect/authorize",
        "codeclient",
        "secret");

    var code = Request.QueryString["code"];
    var tempState = await GetTempStateAsync();
    Request.GetOwinContext().Authentication.SignOut("TempState");

    var response = await client.RequestAuthorizationCodeAsync(
        code,
        "http://localhost/UniSrv.Client.Web/callback"
            );

    //... more code
   }

It breaks on RequestAuthorizationCodeAsync. I am using same certificate as sample aplication on identiy server host app. Do I need certificate on client? If yes, why than sample application working without that? Thank for help to resolve this issue.

cmoha
  • 73
  • 1
  • 2
  • 10
Raskolnikov
  • 3,791
  • 9
  • 43
  • 88
  • 1
    I believe this has something to do with ssl certificate. Can you try using a https callback endpoint as with the sample? – rawel Jan 25 '16 at 00:23
  • Yes that was problem. I coluld not use ssl because I used 'Local IIS'. When I changed to 'IIS Expres' it was fine. @rawel you can answer, I will accept it. – Raskolnikov Jan 25 '16 at 07:20

1 Answers1

1

It looks like SSL Certificate validation failed. Try Using HTTPS on the callback endpoint. Note: https transport security must be enabled when OAuth/OpenId connect tokens are used.

rawel
  • 2,923
  • 21
  • 33