- ABP Framework version: v7.4.0
- UI Type: Blazor Server
- Database System: EF Core (SQL Server)
- Tiered (for MVC) or Auth Server Separated (for Angular): no
Exception message and full stack trace:
System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure: RemoteCertificateNameMismatch
Details:
We use Microsoft Azure as an external login provider. On my development system, everything works fine with the Microsoft login (with another Microsoft Entra ID instance).
When I wanted to install this on our customer's test system and tested the connection to their Entra ID, the authentication could be performed, but the above error occurred during the callback.
The customer, a large company with various security systems, then looked in the firewall and noticed that the callback from Microsoft had landed in their honeypot. He thinks that the reason is probably that the request from our application did not go through the proxy (although this is configured system-wide on the server).
Could this have something to do with the proxy and can I set it explicitly in the application? Or does it have to do with something completely different?
2 Answer(s)
-
0
We have found the solution. The problem was really with the proxy. A proxy was configured system-wide, but the IIS ignored it and sent the request directly to Microsoft. The response then contained the certificate of the honeypot server and not that of Microsoft, resulting in the RemoteCertificateNameMismatch.
Unfortunately, it was not enough to define the proxy in IIS
web.config
. We had to create awpad.dat
file (for Web Proxy Auto-Discovery). Then the IIS selected the correct route.Would be nice if you could refund me the question.
-
0
I've refunded your question. Thank you.