
I have an ASP.NET Zero application connected to a single sign-on (SSO) application using OpenIdConnect.

The SSO application is using Identity Server and the ASP.NET Zero application is validating against the SSL certificate on the SSO. The SSL certificate is still valid till 2022, but the ASP.NET Zero just stops working when it is validating login from the SSO application, saying the certificate has expired.

Below are the errors:

```text
Mvc.ExceptionHandling.AbpExceptionFilter - IDX10249: X509SecurityKey validation failed. The associated certificate has expired. ValidTo (UTC): 'System.DateTime', Current time (UTC): 'System.DateTime'.

Microsoft.IdentityModel.Tokens.SecurityTokenInvalidSigningKeyException: IDX10249: X509SecurityKey validation failed. The associated certificate has expired. ValidTo (UTC): 'System.DateTime', Current time (UTC): 'System.DateTime'.

at Microsoft.IdentityModel.Tokens.Validators.ValidateIssuerSecurityKey(SecurityKey securityKey, SecurityToken securityToken, TokenValidationParameters validationParameters)
```

Below is some of the validation parameters code:

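```csharp
using System;
using System.IdentityModel.Tokens.Jwt;
using System.Threading;
using System.Threading.Tasks;
using Microsoft.IdentityModel.Protocols;
using Microsoft.IdentityModel.Protocols.OpenIdConnect;
using Microsoft.IdentityModel.Tokens;

private async Task<JwtSecurityToken> ValidateToken(
    string token,
    string issuer,
    IConfigurationManager<OpenIdConnectConfiguration> configurationManager,
    ExternalLoginProviderInfo providerInfo,
    CancellationToken ct = default(CancellationToken))
{
    if (string.IsNullOrEmpty(token))
    {
        throw new ArgumentNullException(nameof(token));
    }

    if (string.IsNullOrEmpty(issuer))
    {
        throw new ArgumentNullException(nameof(issuer));
    }

    // Fetch the provider's discovery document, which carries its published signing keys.
    var discoveryDocument = await configurationManager.GetConfigurationAsync(ct);

    var signingKeys = discoveryDocument.SigningKeys;

    var validationParameters = new TokenValidationParameters
    {
        ValidateIssuer = true,
        ValidIssuer = issuer,
        // Validates the signing key itself; for an X509SecurityKey this
        // includes the validity period of its certificate.
        ValidateIssuerSigningKey = true,
        IssuerSigningKeys = signingKeys,
        ValidateLifetime = true,
        ClockSkew = TimeSpan.FromMinutes(5),
        ValidateAudience = false
    };

    // Throws a SecurityTokenException subtype when any enabled check fails.
    var principal = new JwtSecurityTokenHandler().ValidateToken(token, validationParameters, out var rawValidatedToken);

    return (JwtSecurityToken)rawValidatedToken;
}
```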

What could be the problem?

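A diagnostic for the error above, added here as an example and not part of the original question: with `ValidateIssuerSigningKey = true`, the handler checks the validity period of the certificate inside each `X509SecurityKey` from `discoveryDocument.SigningKeys`, and those token-signing keys are not necessarily the certificate the site serves over HTTPS. `SigningKeyReport` and `Describe` are hypothetical names, and the expired certificate in `Main` is constructed sample input.

```csharp
using System;
using System.Collections.Generic;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using Microsoft.IdentityModel.Tokens;

// Hypothetical helper: reports the certificate validity window of each signing key.
public static class SigningKeyReport
{
    // One line per key: key id, thumbprint, validity window, and whether
    // utcNow falls outside that window (the condition IDX10249 reports).
    public static List<string> Describe(IEnumerable<SecurityKey> keys, DateTime utcNow)
    {
        var lines = new List<string>();
        foreach (var key in keys)
        {
            X509Certificate2 cert = null;
            if (key is X509SecurityKey x509) cert = x509.Certificate;
            else if (key is JsonWebKey jwk && jwk.X5c.Count > 0)
                cert = new X509Certificate2(Convert.FromBase64String(jwk.X5c[0]));

            if (cert == null) { lines.Add($"kid={key.KeyId}: no certificate attached"); continue; }

            var notBefore = cert.NotBefore.ToUniversalTime();
            var notAfter = cert.NotAfter.ToUniversalTime();
            var state = utcNow > notAfter ? "EXPIRED"
                      : utcNow < notBefore ? "NOT YET VALID" : "ok";
            lines.Add($"kid={key.KeyId} thumbprint={cert.Thumbprint} " +
                      $"notBefore={notBefore:u} notAfter={notAfter:u} {state}");
        }
        return lines;
    }

    public static void Main()
    {
        // Constructed sample: a self-signed certificate that expired yesterday,
        // standing in for a key taken from discoveryDocument.SigningKeys.
        using (var rsa = RSA.Create(2048))
        {
            var req = new CertificateRequest("CN=constructed-signing-cert", rsa,
                HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
            var cert = req.CreateSelfSigned(DateTimeOffset.UtcNow.AddDays(-30),
                                            DateTimeOffset.UtcNow.AddDays(-1));
            var keys = new List<SecurityKey> { new X509SecurityKey(cert) };
            foreach (var line in Describe(keys, DateTime.UtcNow)) Console.WriteLine(line);
        }
    }
}
```

In the application, passing `discoveryDocument.SigningKeys` and `DateTime.UtcNow` to `Describe` just before `ValidateToken` runs shows which published key, if any, carries an expired certificate.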