How to force a full user profile load in kestrel - asp.net

I'm having an issue where my asp.net web service is loading a certificate from the certstore but the private key is not available. Hovering over the property shows a WindowsCryptographicException.
The code is working fine under a console app. In looking at the X509Certificate2, it is only the PrivateKey that seems not to be loaded.
I found this link about a very similar problem using IIS. The accepted answer here was to ensure the full user profile is loaded. Does anyone know how to do this in kestrel?
I've been digging thru WebHostBuilder docs but haven't seen anything yet.
Both the console and kestrel are running under VS 15.5/my user, which is admin, and set up for .net 2.0 runtimes.
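
A diagnostic for the symptom described in the question, added here as an example and not part of the original post: it looks up a certificate by thumbprint and forces a signing operation, so the underlying exception is reported together with the account the process runs as. The class name `PrivateKeyProbe` and the thumbprint argument are assumptions; pass your own certificate's thumbprint.

```csharp
using System;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using System.Text;

public static class PrivateKeyProbe
{
    // Returns a one-line report. Call it from the console app and from a
    // Kestrel request handler, then compare the two results.
    public static string Probe(string thumbprint, StoreLocation location)
    {
        string who = Environment.UserName;
        using (var store = new X509Store(StoreName.My, location))
        {
            store.Open(OpenFlags.ReadOnly);
            // validOnly: false so an untrusted or expired test certificate is still found.
            var matches = store.Certificates.Find(
                X509FindType.FindByThumbprint, thumbprint, false);
            if (matches.Count == 0)
                return $"{who}: certificate not found in {location}\\My";

            X509Certificate2 cert = matches[0];
            try
            {
                // HasPrivateKey only says the certificate is linked to a key;
                // the key itself is opened when it is requested and used.
                using (RSA rsa = cert.GetRSAPrivateKey())
                {
                    if (rsa == null)
                        return $"{who}: HasPrivateKey={cert.HasPrivateKey}, no RSA private key";
                    rsa.SignData(Encoding.ASCII.GetBytes("probe"),
                        HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
                    return $"{who}: private key opened and used successfully";
                }
            }
            catch (CryptographicException ex)
            {
                // WindowsCryptographicException derives from CryptographicException.
                return $"{who}: HasPrivateKey={cert.HasPrivateKey}, {ex.GetType().Name}: {ex.Message}";
            }
        }
    }
}
```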

Related

"Adding sign-in with Microsoft" example does not work on my working VDI

Good day everyone!
Background: I have an old legacy ASP.NET MVC on-premise application running on local Windows IIS. I'm investigating ways to integrate this application with Azure AD authentication. As far as I can understand (Windows IIS integration with Azure AD), it's not possible to do it directly because Azure AD authentication can be added at the application level only. So I'm thinking of integrating one of the MSAL libraries for adding Azure AD authentication.
Using this windows manual (Quickstart: Add sign-in with Microsoft to a web app), I've downloaded a sample windows application (ASP.NET code sample) from this learn page and tried to run it within Visual Studio 2022 in debug mode on my Azure virtual work machine (based on a VDI platform).
And Azure AD authentication does not work. When I click "Sign in with windows" button on the start application page, I get the error:
Server Error in '/' Application.The resource cannot be found.
Description: HTTP 404. The resource you are looking for (or one of its dependencies) could have been removed, had its name changed, or is temporarily unavailable.  Please review the following URL and make sure that it is spelled correctly.
Requested URL: /login.aspx
This sample works fine on my local laptop in exactly the same state. I suggest that some security utilities might be the reason, but I don't know how to check it. I can't disable security apps on my working machine, and maybe there are restrictions on the network level I don't even know anything about.
Could somebody suggest any ways to solve this problem? Or maybe ways to find the reason for this problem?
Thank you in advance!

Why is my WebAPI making calls to https://dc.services.visualstudio.com/v2/track?

I am running Visual Studio 2022 (17.0.2), and I just created a new Web API Core project from the template. I enabled Microsoft Identity as the identity provider (Azure AD).
Then I ran the solution and it brings up swagger. I did a "Try It Out" on the WeatherForecast operation. (Which failed with a 401 because the template does not enable swagger's security abilities.)
But the odd part is that in my Chrome DevTools, after the 401 line, I got this:
Why is my new project (from the standard Web API Core template) making calls to an external site? I don't have anything in my code referencing https://dc.services.visualstudio.com/v2/track. There are strict privacy laws around the code I write, and I get very nervous when there are suddenly random calls to unknown URLs.
I did some googling, and it seems this is related to something called "Microsoft Telemetry" or "Application Insights". But all the fixes that I can find have you removing or disabling code that does not come in the default WebAPI template. Like this answer.
I did see a fix that had you modify the hosts files so that the traffic would not leave your machine. That seems like it would work, but then I have to get this change done to my production machines (which I would rather not).
Why is this in there by default?
And more importantly how can I remove it so that it is not in my code when it is deployed to production?
I believe it's this bug https://developercommunity.visualstudio.com/t/Visual-Studio-2022-Application-Insights-/1578628
The fix is to upgrade your Visual Studio (for example 17.3.0 as of June 2022).

Azure Website Deploys but displays 500 error

I've published an app to Azure for the first time. When I go to the site I get an HTTP 500 error saying
The page isn't working. *****.azurewebsites.net is currently unable to handle this request.
Looking at the Live Metrics Stream on the Azure Portal it says
Not available: your app is offline or using an older SDK
This is a .Net Core app.
When I published it there were no errors. It said the build and publishing were successful. I'm not sure what other information I can give to help someone help me resolve this. I'm including some screenshots that may have some helpful information. I've been stuck for a whole day now.
Below is an error from the Azure Portal:
Here is my web.config file:
Here are the general settings from Azure:
Here are some errors from Azure:
Here is the Publish page from Visual Studio (disregard the arrow):
I figured it out.
Earlier I had briefly experimented with using the .net Google Oauth library in my project. I eventually incorporated Oauth by hand and never removed the code for Google Oauth in Startup.cs. This didn't cause a problem locally, but the streaming logs showed an error saying the "ClientID option must be provided". ClientID is related to the Oauth library.
Viewing the Streaming Logs in Visual Studio is what helped me solve this. Maybe this will help someone in the future.

Application Insights extension breaking Azure web app

I had Application Insights running smoothly on an Azure Web App via the AI SDK, reporting to an AI instance hosted in Azure.
The only niggle was it didn't show detailed dependency diagnostics. According to this page, this was because I was using the SDK only; I needed to "Instrument your web app on the server", which, looking at the docs, can't be done if you already have an instance of AI running....helpful!
Reluctantly I deleted the AI instance, stripped the SDK from my code so I was starting fresh, and followed the steps. However, as soon as I finished the process in the previous link my website broke and now responds to every single request (MVC5 and Web API) with an empty 404 request.
The AI status page is showing green ticks for everything, and I can't discern anything from the diagnostic log dump from Kudu or manage to remotely debug the site.
Deleting the AI extension under Web App -> Extensions in the Azure portal and then restarting the web app fixes the problem.
I've run out of ideas on how to fix this, is there anything else I can do to get to the bottom of the problem?
To fix this problem, delete the following 2 files from your web app's (or slot's) filesystem:
D:\home\siteextensions\Microsoft.ApplicationInsights.AzureWebSites\Instrumentation32\ProductionBreakpoints_x86.config
D:\home\siteextensions\Microsoft.ApplicationInsights.AzureWebSites\Instrumentation64\ProductionBreakpoints_x64.config
You can do this easily through Kudu.
Edit: Apparently this is/was an issue with the ProductionBreakpoints interacting with precompiled views. Microsoft has informed me a fix should be out within the next couple days. The version of Application Insights extension I have now that is still broken is 2.4.6 - I will post the "fixed" version when I can confirm it.
Edit 2: Confirmed this is fixed in 2.4.7 which is out now.

ASP.NET Core Identity - Invalid Token (Linux)

I'm using the latest .NET Core (1.1) and EF Core to build my ASP.NET website and I also use ASP.NET Identity. I have already published my website to an Azure host and everything is working as expected there (including my Windows localhost). However, now I'm switching to my own Linux (Centos 7) dedicated server with Apache, and I have the site working, but I get "Invalid Token" messages when trying to reset a password or confirm an email.
I have checked other questions like this and the solution was to encode/decode the url which is sent via email; however, I have done that already but it's still not working.
I also tried to copy the whole database from localhost to my server in case there was something with migrations on the Linux host, however that also did not help. All migrations are applied and other things that don't use Identity context also work.
After additional searching I have found that it might be a problem with different machine keys on the host and that the security stamp is not in sync, but I don't see how that could affect me because I deploy a whole new version of my app to the server, and on localhost everything works, as well as on Azure hosting. Also this used to be the problem with ASP.NET MVC, not Core.
How can I even debug this issue? I have not seen anyone having this problem with the new EF Core and especially not on Linux host.
I deploy the site using the latest VS 17. I have set up Apache proxy as guided on the official .NET Core website: link
A dotnet core MVC application by default saves your authentication tokens encrypted in a cookie.
The seed/key for this encryption/decryption of the data is based on your machine key, which is different on every machine.
If you run multiple instances of your app (load balanced), this message/error will happen when your system tries to decrypt the session cookie created on the other machine.
On the other hand, if you still have cookie information in your browser and you start hosting the website on a different host, of course this new host won't be able to decrypt these already existing session cookies.
I know this because I had the same problem. You can find the source code of session here: https://github.com/aspnet/Session/tree/dev/src/Microsoft.AspNetCore.Session
I tried this when dotnet core was not yet released and I ended up using this blog. But it is probably very outdated now.
I'd advise you to use an external session store instead of using the cookie as data storage. Read through their documentation on how to set that up: https://learn.microsoft.com/en-us/aspnet/core/fundamentals/app-state
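
The key mismatch described in the answer above, reproduced with the ASP.NET Core Data Protection API and followed by one way to pin the key ring to a fixed directory. This is an added example, not code from the answer; the directory paths, the purpose string and the application name are hypothetical.

```csharp
using System;
using System.IO;
using System.Security.Cryptography;
using Microsoft.AspNetCore.DataProtection;
using Microsoft.Extensions.DependencyInjection;

public static class KeyRingDemo
{
    // Simulates two hosts: a value protected with one key ring, read with another.
    public static bool CanRead(DirectoryInfo issuerKeys, DirectoryInfo readerKeys)
    {
        // Hypothetical purpose string; it must be identical on both sides.
        var issuer = DataProtectionProvider.Create(issuerKeys).CreateProtector("demo.reset-token");
        var reader = DataProtectionProvider.Create(readerKeys).CreateProtector("demo.reset-token");
        string token = issuer.Protect("user-42"); // constructed sample payload
        try
        {
            return reader.Unprotect(token) == "user-42";
        }
        catch (CryptographicException)
        {
            // The reader's key ring lacks the key that protected the token.
            return false;
        }
    }

    public static void Main()
    {
        var hostA = Directory.CreateDirectory(Path.Combine(Path.GetTempPath(), "dp-host-a"));
        var hostB = Directory.CreateDirectory(Path.Combine(Path.GetTempPath(), "dp-host-b"));
        Console.WriteLine("separate key rings: " + CanRead(hostA, hostB));
        Console.WriteLine("shared key ring:    " + CanRead(hostA, hostA));
    }
}

public class Startup
{
    public void ConfigureServices(IServiceCollection services)
    {
        // Hypothetical path: it must survive restarts and redeployments and be
        // readable only by the service account, since keys persisted this way
        // are not encrypted at rest unless that is configured separately.
        services.AddDataProtection()
            .PersistKeysToFileSystem(new DirectoryInfo("/var/lib/myapp/dp-keys"))
            .SetApplicationName("myapp");
    }
}
```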
