I have a .NET 6 Web API application which uses ASP.NET Core single accounts for authorization.
I have 3 environments:
- local / development
- test at https://test.myapp.abc
- production at https://myapp.abc
Code and configuration for all 3 are identical except for the DB connection string and SSL certificate. Test and production have their respective "Let's Encrypt" SSL certificates generated and configured. Both are on the same physical server in the same IIS.
In production (which is, by the way, still in testing and not overloaded or anything), from time to time I can't call any API endpoint, the error being Bearer error="invalid_token", error_description="The issuer 'https://myapp.abc' is invalid". However, the endpoints openid-configuration, userinfo and token work normally.
This never happens in test.
What appears to help as a very poor workaround:
- Deleting all files in production and rebuilding them from GitHub seemed to help, but after 2 weeks it appeared again.
All I found online is that authorization either works or does not work, which is not that simple in my case. Authorization does work for some time and then, without any human intervention on the server or code, stops, but only in one of the 2 "same" applications. And then after some time it can start working again on its own.
I would appreciate the tiniest hint. Where should I look? What should I log? Is this an ASP.NET, IdentityServer or IIS issue? Any idea? Thanks.