'Failed to authenticate HTTPS connection' while accessing ASP.NET Core 2.1 Web API from React Native

Question

I have an ASP.NET Core 2.1 Web API project that is serving data from an SQL Server database. I checked 'Configure for HTTPS' option while I was creating the API project in Visual Studio.

I need to access this API from a React Native project, and I have tried using the Fetch API for it. The method I am using works when I make REST requests to different APIs but it is not working for my own API project. When I make a simple GET request to the API, I receive a Network request failed error on my mobile device, while on the API end, following error stack is encountered:

dbug: HttpsConnectionAdapter[1]
      Failed to authenticate HTTPS connection.
System.Security.Authentication.AuthenticationException: Authentication failed, see inner exception. ---> System.ComponentModel.Win32Exception: An unknown error occurred while processing the certificate
   --- End of inner exception stack trace ---
   at System.Net.Security.SslState.StartSendAuthResetSignal(ProtocolToken message, AsyncProtocolRequest asyncRequest, ExceptionDispatchInfo exception)
   at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslState.PartialFrameCallback(AsyncProtocolRequest asyncRequest)
--- End of stack trace from previous location where exception was thrown ---
   at System.Net.Security.SslState.ThrowIfExceptional()
   at System.Net.Security.SslState.InternalEndProcessAuthentication(LazyAsyncResult lazyResult)
   at System.Net.Security.SslState.EndProcessAuthentication(IAsyncResult result)
   at System.Net.Security.SslStream.EndAuthenticateAsServer(IAsyncResult asyncResult)
   at System.Net.Security.SslStream.<>c.<AuthenticateAsServerAsync>b__51_1(IAsyncResult iar)
   at System.Threading.Tasks.TaskFactory`1.FromAsyncCoreLogic(IAsyncResult iar, Func`2 endFunction, Action`1 endAction, Task`1 promise, Boolean requiresSynchronization)
--- End of stack trace from previous location where exception was thrown ---
   at Microsoft.AspNetCore.Server.Kestrel.Https.Internal.HttpsConnectionAdapter.InnerOnConnectionAsync(ConnectionAdapterContext context)

However, the request works fine when I make it using Postman, and following is the result:

info: Microsoft.AspNetCore.Hosting.Internal.WebHost[1]
      Request starting HTTP/1.1 GET https://localhost:5001/api/values application/json
info: Microsoft.AspNetCore.Authentication.JwtBearer.JwtBearerHandler[2]
      Successfully validated the token.
info: Microsoft.EntityFrameworkCore.Infrastructure[10403]
      Entity Framework Core 2.1.1-rtm-30846 initialized 'DataContext' using provider 'Microsoft.EntityFrameworkCore.SqlServer' with options: None
info: Microsoft.EntityFrameworkCore.Database.Command[20101]
      Executed DbCommand (62ms) [Parameters=[@__get_Item_0='?' (DbType = Int32)], CommandType='Text', CommandTimeout='30']
      SELECT TOP(1) [e].[id], [e].[pw], [e].[pws], [e].[em]
      FROM [ul] AS [e]
      WHERE [e].[id] = @__get_Item_0
info: Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker[1]
      Route matched with {action = "Get", controller = "Values"}. Executing action Api.Controllers.ValuesController.Get (Api)
info: Microsoft.AspNetCore.Authorization.DefaultAuthorizationService[1]
      Authorization was successful.
info: Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker[1]
      Executing action method Api.Controllers.ValuesController.Get (Api) - Validation state: Valid
info: Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker[2]
      Executed action method Api.Controllers.ValuesController.Get (Api), returned result Microsoft.AspNetCore.Mvc.ObjectResult in 0.4905ms.
info: Microsoft.AspNetCore.Mvc.Infrastructure.ObjectResultExecutor[1]
      Executing ObjectResult, writing value of type 'System.String[]'.
info: Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker[2]
      Executed action Api.Controllers.ValuesController.Get (Api) in 30.7297ms
info: Microsoft.AspNetCore.Hosting.Internal.WebHost[2]
  Request finished in 125.3707ms 200 application/json; charset=utf-8

Additional info:

When I run the API project, following dialogue box appears:

Clicking Yes results in:

What is the reason for this error and how should I go about solving this issue?

You need to fix the "additional info" part first - this installs the certificate used by the local server onto your machine. No cert in the trust store, no trust, react native error above. — ProgrammingLlama, Aug 29 '18 at 07:38
@John: Is there a way I could solve the 'ACL structure is invalid' problem? — Uzair A., Aug 29 '18 at 07:59
@UzairA. Are you able to solve the problem. Can you please share the solution. I am facing same problem. Thanks — ram kris, Sep 30 '19 at 10:14
@ramkris Sorry, but no. I gave up on this problem and ended up using completely different back-end strategy. — Uzair A., Oct 01 '19 at 18:34

ProgrammingLlama · Answer 1 · 2018-08-29T07:59:58.643

According to this MSDN blog you can install the certificate manually.

Open a blank Microsoft Management Console by clicking Start, then Run, entering "mmc" and clicking OK:

Click File, and then click Add/Remove Snap-in:

When the Add or Remove Snap-ins dialog box is displayed, click Certificates, and then click Add:

When the Certificates Snap-ins dialog box is displayed, click Computer account, and then click Next:

Click Local computer, and then click Finish:

Click OK to close the Add or Remove Snap-ins dialog box:

In the Console Root, expand Certificates (Local Computer), then expand Personal, and then click Certificates:

Select the certificate with the following attributes: Issued to = "localhost", Issued by = "localhost", Friendly Name = "IIS Express Development Certificate"

Click Action, then click All Tasks, and then click Export:

When the Certificate Export Wizard is displayed, click Next:

Click No, do not export the private key, and then click Next:

Click DER encoded binary X.509 (.CER), and then click Next:

Enter the path for exported certificate, e.g. "c:\users\robert\desktop\iisexpress.cer", and then click Next:

Click Finish to export the certificate:

Click OK when the Certificate Export Wizard displays a dialog box informing you that the export was successful:

In the Console Root, expand Certificates (Local Computer), then expand Trusted Root Certification Authorities, and then click Certificates:

Click Action, then click All Tasks, and then click Import:

When the Certificate Import Wizard is displayed, click Next:

Enter the path to your exported certificate, e.g. "c:\users\robert\desktop\iisexpress.cer", and then click Next:

Ensure that Place all certificates in the following store is checked and verify that the selected Certificate store is set to Trusted Root Certification Authorities, and then click click Next:

Click Finish to import the certificate:

Click OK when the Certificate Import Wizard displays a dialog box informing you that the import was successful:

You IIS Express certificate should now be displayed in the listed of Trusted Root Certification Authorities as "localhost":

I don't see any 'Install Certificate' option. Internet Explorer only gives the options 'Close this tab' or 'Go on to the web page'. — Uzair A., Aug 29 '18 at 07:52
@Uzair It seems Microsoft have improved things again. I think the second method ought to work (edited my question to include it), although I haven't tried it myself. — ProgrammingLlama, Aug 29 '18 at 08:01

score 1 · Answer 2 · answered Jul 02 '20 at 03:23

1

this my solution

dotnet dev-certs https
dotnet dev-certs https --trust

answered Jul 02 '20 at 03:23

rodrigo.rodriguez

299
2
16

1

Please explain what your solution does and how it helps. – BDL Jul 03 '20 at 11:25
@rodrigo.rodriguez is correct `dotnet dev-certs https --trust` will trust the certificate installed by .NET Core: "Installing the .NET Core SDK installs the ASP.NET Core HTTPS development certificate to the local user certificate store. The certificate has been installed, but it's not trusted. To trust the certificate, perform the one-time step to run the dotnet dev-certs tool" https://learn.microsoft.com/en-us/aspnet/core/security/enforcing-ssl?view=aspnetcore-3.1&tabs=visual-studio#trust-the-aspnet-core-https-development-certificate-on-windows-and-macos – Metalogic Oct 30 '20 at 00:31

score 0 · Answer 3 · answered Dec 11 '20 at 19:26

0

this solution solved problem https://stackoverflow.com/a/59539907/8722913

dotnet dev-certs https --clean

dotnet dev-certs https --trust

answered Dec 11 '20 at 19:26

Mohamad Elnaqeeb

541
4
13

'Failed to authenticate HTTPS connection' while accessing ASP.NET Core 2.1 Web API from React Native

3 Answers3