Activities of "duyan11110"

All Question Answer
Newest Oldest
Untrusted Root error when running Abp Commercial via Docker Compose #4783
Answer

I used host file to map like this: 127.0.0.1 mydomain.webgateway As you can see in my docker compose file:

volumes:
- ~/.aspnet/https:/https:ro

Is that correct way to map certificate file? I can see all mapped pfx files in https folder of the container.

Untrusted Root error when running Abp Commercial via Docker Compose #4783
Answer

I already generated pfx file with this command: New-SelfSignedCertificate -CertStoreLocation Cert:\LocalMachine\My -DnsName "mydomain.webgateway" -FriendlyName "mydomain.webgateway" -NotAfter (Get-Date).AddYears(10) (because the URL is not localhost, they are container names instead), added to Trusted Root Certification Authorities on Local Machine and mounted successfully, but the error still occurs.

For linux, pfx is problematic as far as i know. You can use OpenSSL to generate self-signed certificate.

Do you mean linux for host or container? I use Windows host but linux container. Do I have to use OpenSSL to generate certificate? If yes, how to use that certificate in docker-compose file?

Untrusted Root error when running Abp Commercial via Docker Compose #4783
Question
  • ABP Framework version: 7.0.3
  • UI type: MVC
  • DB provider: EF Core
  • Tiered (MVC) or Identity Server Separated (Angular): yes
  • Exception message and stack trace: AuthenticationException: The remote certificate is invalid because of errors in the certificate chain: UntrustedRoot System.Net.Security.SslStream.SendAuthResetSignal(ProtocolToken message, ExceptionDispatchInfo exception) System.Net.Security.SslStream.CompleteHandshake(SslAuthenticationOptions sslAuthenticationOptions) System.Net.Security.SslStream.ForceAuthenticationAsync(bool receiveFirst, byte[] reAuthenticationData, CancellationToken cancellationToken) System.Net.Http.ConnectHelper.EstablishSslConnectionAsync(SslClientAuthenticationOptions sslOptions, HttpRequestMessage request, bool async, Stream stream, CancellationToken cancellationToken) HttpRequestException: The SSL connection could not be established, see inner exception. System.Net.Http.ConnectHelper.EstablishSslConnectionAsync(SslClientAuthenticationOptions sslOptions, HttpRequestMessage request, bool async, Stream stream, CancellationToken cancellationToken) System.Net.Http.HttpConnectionPool.ConnectAsync(HttpRequestMessage request, bool async, CancellationToken cancellationToken) System.Threading.Tasks.ValueTask.get_Result() System.Net.Http.HttpConnectionPool.CreateHttp11ConnectionAsync(HttpRequestMessage request, bool async, CancellationToken cancellationToken) System.Threading.Tasks.ValueTask.get_Result() System.Net.Http.HttpConnectionPool.AddHttp11ConnectionAsync(QueueItem queueItem) System.Threading.Tasks.TaskCompletionSourceWithCancellation.WaitWithCancellationAsync(CancellationToken cancellationToken) System.Threading.Tasks.ValueTask.get_Result() System.Net.Http.HttpConnectionPool+HttpConnectionWaiter.WaitForConnectionAsync(bool async, CancellationToken requestCancellationToken) System.Net.Http.HttpConnectionPool.SendWithVersionDetectionAndRetryAsync(HttpRequestMessage request, bool async, bool doRequestAuth, CancellationToken cancellationToken) System.Net.Http.DiagnosticsHandler.SendAsyncCore(HttpRequestMessage request, bool async, CancellationToken cancellationToken) System.Threading.Tasks.ValueTask.get_Result() System.Net.Http.RedirectHandler.SendAsync(HttpRequestMessage request, bool async, CancellationToken cancellationToken) Microsoft.Extensions.Http.Logging.LoggingHttpMessageHandler.g__Core|5_0(HttpRequestMessage request, CancellationToken cancellationToken) Microsoft.Extensions.Http.PolicyHttpMessageHandler.SendCoreAsync(HttpRequestMessage request, Context context, CancellationToken cancellationToken) Polly.Retry.AsyncRetryEngine.ImplementationAsync(Func&lt;Context, CancellationToken, Task> action, Context context, CancellationToken cancellationToken, ExceptionPredicates shouldRetryExceptionPredicates, ResultPredicates shouldRetryResultPredicates, Func&lt;DelegateResult, TimeSpan, int, Context, Task> onRetryAsync, int permittedRetryCount, IEnumerable sleepDurationsEnumerable, Func&lt;int, DelegateResult, Context, TimeSpan> sleepDurationProvider, bool continueOnCapturedContext) Polly.AsyncPolicy.ExecuteAsync(Func&lt;Context, CancellationToken, Task> action, Context context, CancellationToken cancellationToken, bool continueOnCapturedContext) Microsoft.Extensions.Http.PolicyHttpMessageHandler.SendAsync(HttpRequestMessage request, CancellationToken cancellationToken) Microsoft.Extensions.Http.Logging.LoggingScopeHttpMessageHandler.g__Core|5_0(HttpRequestMessage request, CancellationToken cancellationToken) System.Net.Http.HttpClient.g__Core|83_0(HttpRequestMessage request, HttpCompletionOption completionOption, CancellationTokenSource cts, bool disposeCts, CancellationTokenSource pendingRequestsCts, CancellationToken originalCancellationToken) Volo.Abp.Http.Client.ClientProxying.ClientProxyBase.RequestAsync(ClientProxyRequestContext requestContext) AbpRemoteCallException: An error occurred during the ABP remote HTTP request. (The SSL connection could not be established, see inner exception.) See the inner exception for details. Volo.Abp.Http.Client.ClientProxying.ClientProxyBase.RequestAsync(ClientProxyRequestContext requestContext) Volo.Abp.Http.Client.ClientProxying.ClientProxyBase.RequestAsync(ClientProxyRequestContext requestContext) Volo.Abp.Http.Client.ClientProxying.ClientProxyBase.RequestAsync(string methodName, ClientProxyRequestTypeValue arguments) Volo.Abp.AspNetCore.Mvc.ApplicationConfigurations.ClientProxies.AbpApplicationConfigurationClientProxy.GetAsync(ApplicationConfigurationRequestOptions options) Volo.Abp.AspNetCore.Mvc.Client.MvcCachedApplicationConfigurationClient.GetRemoteConfigurationAsync() Volo.Abp.AspNetCore.Mvc.Client.MvcCachedApplicationConfigurationClient.b__16_0() Volo.Abp.Caching.DistributedCache&lt;TCacheItem, TCacheKey>.GetOrAddAsync(TCacheKey key, Func&lt;Task> factory, Func optionsFactory, Nullable hideErrors, bool considerUow, CancellationToken token) Volo.Abp.AspNetCore.Mvc.Client.MvcCachedApplicationConfigurationClient.GetAsync() Volo.Abp.AspNetCore.Mvc.Client.RemoteLanguageProvider.GetLanguagesAsync() Microsoft.AspNetCore.RequestLocalization.DefaultAbpRequestLocalizationOptionsProvider.GetLocalizationOptionsAsync() Microsoft.AspNetCore.RequestLocalization.AbpRequestLocalizationMiddleware.InvokeAsync(HttpContext context, RequestDelegate next) Microsoft.AspNetCore.Builder.UseMiddlewareExtensions+<>c__DisplayClass6_1+<b__1>d.MoveNext() Microsoft.AspNetCore.Diagnostics.DeveloperExceptionPageMiddlewareImpl.Invoke(HttpContext context)
  • Steps to reproduce the issue:"
  • Docker compose file:
    version: '3.4'

services:
mydomain.authserver:
environment:
\- ASPNETCORE\_ENVIRONMENT=Development
\- ASPNETCORE\_URLS=https://\+:7000
\- ASPNETCORE\_Kestrel\_\_Certificates\_\_Default\_\_Path=/https/mydomain\.authserver\.pfx
\- ASPNETCORE\_Kestrel\_\_Certificates\_\_Default\_\_Password=
ports:
\- "7000:7000"
volumes:
\- \~/\.aspnet/https:/https:ro
\- $\{APPDATA\}/Microsoft/UserSecrets:/root/\.microsoft/usersecrets:ro

mydomain.web:
environment:
\- ASPNETCORE\_ENVIRONMENT=Development
\- ASPNETCORE\_URLS=https://\+:7004
\- ASPNETCORE\_Kestrel\_\_Certificates\_\_Default\_\_Path=/https/mydomain\.web\.pfx
\- ASPNETCORE\_Kestrel\_\_Certificates\_\_Default\_\_Password=
ports:
\- "7004:7004"
volumes:
\- \~/\.aspnet/https:/https:ro
\- $\{APPDATA\}/Microsoft/UserSecrets:/root/\.microsoft/usersecrets:ro

mydomain.webgateway:
environment:
\- ASPNETCORE\_ENVIRONMENT=Development
\- ASPNETCORE\_URLS=https://\+:7500
\- ASPNETCORE\_Kestrel\_\_Certificates\_\_Default\_\_Path=/https/mydomain\.webgateway\.pfx
\- ASPNETCORE\_Kestrel\_\_Certificates\_\_Default\_\_Password=
ports:
\- "7500:7500"
volumes:
\- \~/\.aspnet/https:/https:ro
\- $\{APPDATA\}/Microsoft/UserSecrets:/root/\.microsoft/usersecrets:ro

appsettings.json for Web project

{
"App": {
"SelfUrl": "[https://mydomain.web:7004"](https://mydomain.web:7004%22)
},
"AuthServer": {
"Authority": "[https://mydomain.authserver:7000"](https://mydomain.authserver:7000%22),
"RequireHttpsMetadata": "true",
"ClientId": "Web.Docker",
"ClientSecret": "1q2w3e\*",
"IsOnK8s": "false",
"MetaAddress": "[https://mydomain.authserver:7000"](https://mydomain.authserver:7000%22)
},
"Logging": {
"LogLevel": {
"Default": "Information",
"Microsoft": "Warning",
"Microsoft.Hosting.Lifetime": "Information"
}
},
"AllowedHosts": "\*",
"RemoteServices": {
"Default": {
"BaseUrl": "https:/mydomain.webgateway:7500"
}
}
}

I tried to add above pfx files to Trusted Root on my machine and the guide here: https://ubuntu.com/server/docs/security-trust-store but it didn't work. Pls help

Showing 91 to 93 of 93 entries
Boost Your Development
ABP Live Training
Packages
See Trainings
Mastering ABP Framework Book
The Official Guide
Mastering
ABP Framework
Learn More
Mastering ABP Framework Book
Made with ❤️ on ABP v10.2.0-preview. Updated on February 05, 2026, 13:24
1
ABP Assistant
🔐 You need to be logged in to use the chatbot. Please log in first.