在identityserver3中,根据验证过程,远程证书无效 [英] In identityserver3 The remote certificate is invalid according to the validation procedure
问题描述
在我的解决方案中,我有mvc项目和Identity Server3项目,并且正在使用Identity Server对mvc客户端进行身份验证.当我从Visual Studio启动这两个项目时,mvc应用程序将自动重定向到core.Idenity服务器项目的登录页面.我们可以输入凭据将其重定向回mvc项目.但是现在,当我将这两个应用程序托管在IIS服务器上的两个不同端口上时,身份服务器运行正常,但是在运行mvc项目时,根据验证过程,该远程证书无效.
In my solution I have mvc project and Identity Server3 project and I am authenticating mvc client by using Identity Server.When i start these two projects from visual studio the mvc application automatically redirects to the login page of core.Idenity server project and we can enter credentials it redirects back to mvc project.But now when i hosted these two application on two different ports on IIS server then identity server is working fine but when run the mvc project it shows The remote certificate is invalid according to the validation procedure.
我通过IIS创建了一个自签名证书,并在我的身份服务器项目中使用了它,并且在IIS上添加这些站点时,两个项目也使用了与SSL证书相同的证书.我也尝试了这些步骤 Github链接,但它不起作用.我还尝试了给定的证书在identityserver3的示例应用程序中.
I have created a self signed certificate through IIS and used it in my Identity server project and also used this same certificate as SSL certificate for both the projects when adding these sites on the IIS.And i have tried thes steps too Github link but its not working.I also have tried the certificates given in the example apps of identityserver3.
推荐答案
您还创建了根证书吗?
Did you create also root certificate?
您需要根证书和由根签名的证书,才能通过.net的证书验证.您实际上可以将证书发送到localhost进行测试(对我有用). 这是有关如何制作根证书和由其签名的证书的信息:
You need root certificate and a certificate signed by the root in order to pass the certificate validation of .net. You can actually make the certificate to localhost for testing (it worked for me). Here is an info how to make root certificate and a certificate signed by it:
https://datacenteroverlords.com/2012/03/01/creating-your-own-ssl-certificate-authority/
但是合并键的最后一部分却有所不同
but the last part of merging the keys I did it differently
但是,如果要进行部署,请确保从同一签名机构(=>相同的根证书)获取两个证书(一个用于身份服务器和mvc项目).
But if you are deploying, then make sure you take two certificates (one for identity server and mvc project) from the same signing authority (=> same root certificate).
希望它会有所帮助. :)
Hope it helps. :)
这篇关于在identityserver3中,根据验证过程,远程证书无效的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
