Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Issue: SSL Encryption Enabled Sites Result In Error On IIS #3635

Closed
thabaum opened this issue Jan 11, 2024 · 5 comments
Closed

Issue: SSL Encryption Enabled Sites Result In Error On IIS #3635

thabaum opened this issue Jan 11, 2024 · 5 comments

Comments

@thabaum
Copy link
Contributor

thabaum commented Jan 11, 2024

When I enable SSL on sites that are currently using IIS (Windows Server 2022 and Windows 11) IIS Developer Certificate or Self-Signed the site fails to load (white page) and I get an SSL error in the Content\Logs\error.txt file.

The only way I could install the site and navigate it was to be sure no SSL Bindings in IIS and use HTTP requests instead of HTTPS to connect.

I was using the latest "Release" edition and I will try to test the dev branch next now workarounds that I know can get a site running for testing purposes.

I have not tested with signed certificates.

Here is the long error below:

An unhandled exception was thrown by the application.    at System.Net.Http.ConnectHelper.EstablishSslConnectionAsync(SslClientAuthenticationOptions sslOptions, HttpRequestMessage request, Boolean async, Stream stream, CancellationToken cancellationToken)
   at System.Net.Http.HttpConnectionPool.ConnectAsync(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken)
   at System.Net.Http.HttpConnectionPool.CreateHttp11ConnectionAsync(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken)
   at System.Net.Http.HttpConnectionPool.AddHttp11ConnectionAsync(QueueItem queueItem)
   at System.Threading.Tasks.TaskCompletionSourceWithCancellation`1.WaitWithCancellationAsync(CancellationToken cancellationToken)
   at System.Net.Http.HttpConnectionPool.SendWithVersionDetectionAndRetryAsync(HttpRequestMessage request, Boolean async, Boolean doRequestAuth, CancellationToken cancellationToken)
   at System.Net.Http.DiagnosticsHandler.SendAsyncCore(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken)
   at System.Net.Http.RedirectHandler.SendAsync(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken)
   at System.Net.Http.HttpClient.<SendAsync>g__Core|83_0(HttpRequestMessage request, HttpCompletionOption completionOption, CancellationTokenSource cts, Boolean disposeCts, CancellationTokenSource pendingRequestsCts, CancellationToken originalCancellationToken)
   at Oqtane.Services.ServiceBase.GetJsonAsync[T](String uri) in C:\Source\Projects\oqtane.framework\Oqtane.Client\Services\ServiceBase.cs:line 143
   at Oqtane.Services.InstallationService.IsInstalled() in C:\Source\Projects\oqtane.framework\Oqtane.Client\Services\InstallationService.cs:line 42
   at Oqtane.App.OnParametersSetAsync() in C:\Source\Projects\oqtane.framework\Oqtane.Client\App.razor:line 68
   at Microsoft.AspNetCore.Components.ComponentBase.CallStateHasChangedOnAsyncCompletion(Task task)
   at Microsoft.AspNetCore.Components.ComponentBase.RunInitAndSetParametersAsync()
   at Microsoft.AspNetCore.Components.RenderTree.Renderer.GetErrorHandledTask(Task taskToHandle, ComponentState owningComponentState)
   at Microsoft.AspNetCore.Components.RenderTree.Renderer.GetErrorHandledTask(Task taskToHandle, ComponentState owningComponentState)
   at Microsoft.AspNetCore.Components.RenderTree.Renderer.<WaitForQuiescence>g__ProcessAsynchronousWork|54_0()
   at Microsoft.AspNetCore.Components.RenderTree.Renderer.WaitForQuiescence()
   at Microsoft.AspNetCore.Components.RenderTree.Renderer.RenderRootComponentAsync(Int32 componentId, ParameterView initialParameters)
   at Microsoft.AspNetCore.Components.Endpoints.EndpointHtmlRenderer.WaitForResultReady(Boolean waitForQuiescence, PrerenderedComponentHtmlContent result)
   at Microsoft.AspNetCore.Components.Endpoints.EndpointHtmlRenderer.PrerenderComponentAsync(HttpContext httpContext, Type componentType, IComponentRenderMode prerenderMode, ParameterView parameters, Boolean waitForQuiescence)
   at Microsoft.AspNetCore.Mvc.TagHelpers.ComponentTagHelper.ProcessAsync(TagHelperContext context, TagHelperOutput output)
   at Microsoft.AspNetCore.Razor.Runtime.TagHelpers.TagHelperRunner.<RunAsync>g__Awaited|0_0(Task task, TagHelperExecutionContext executionContext, Int32 i, Int32 count)
   at Oqtane.Pages.Pages__Host.<ExecuteAsync>b__14_1() in C:\Source\Projects\oqtane.framework\Oqtane.Server\Pages\_Host.cshtml:line 29
   at Microsoft.AspNetCore.Razor.Runtime.TagHelpers.TagHelperExecutionContext.SetOutputContentAsync()
   at Oqtane.Pages.Pages__Host.ExecuteAsync() in C:\Source\Projects\oqtane.framework\Oqtane.Server\Pages\_Host.cshtml:line 6
   at Microsoft.AspNetCore.Mvc.Razor.RazorView.RenderPageCoreAsync(IRazorPage page, ViewContext context)
   at Microsoft.AspNetCore.Mvc.Razor.RazorView.RenderPageAsync(IRazorPage page, ViewContext context, Boolean invokeViewStarts)
   at Microsoft.AspNetCore.Mvc.Razor.RazorView.RenderAsync(ViewContext context)
   at Microsoft.AspNetCore.Mvc.ViewFeatures.ViewExecutor.ExecuteAsync(ViewContext viewContext, String contentType, Nullable`1 statusCode)
   at Microsoft.AspNetCore.Mvc.ViewFeatures.ViewExecutor.ExecuteAsync(ViewContext viewContext, String contentType, Nullable`1 statusCode)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.<InvokeNextResultFilterAsync>g__Awaited|30_0[TFilter,TFilterAsync](ResourceInvoker invoker, Task lastTask, State next, Scope scope, Object state, Boolean isCompleted)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.Rethrow(ResultExecutedContextSealed context)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.ResultNext[TFilter,TFilterAsync](State& next, Scope& scope, Object& state, Boolean& isCompleted)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.<InvokeResultFilters>g__Awaited|28_0(ResourceInvoker invoker, Task lastTask, State next, Scope scope, Object state, Boolean isCompleted)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.<InvokeNextResourceFilter>g__Awaited|25_0(ResourceInvoker invoker, Task lastTask, State next, Scope scope, Object state, Boolean isCompleted)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.Rethrow(ResourceExecutedContextSealed context)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.Next(State& next, Scope& scope, Object& state, Boolean& isCompleted)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.<InvokeFilterPipelineAsync>g__Awaited|20_0(ResourceInvoker invoker, Task lastTask, State next, Scope scope, Object state, Boolean isCompleted)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.<InvokeAsync>g__Logged|17_1(ResourceInvoker invoker)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.<InvokeAsync>g__Logged|17_1(ResourceInvoker invoker)
   at Microsoft.AspNetCore.Routing.EndpointMiddleware.<Invoke>g__AwaitRequestTask|7_0(Endpoint endpoint, Task requestTask, ILogger logger)
   at Swashbuckle.AspNetCore.SwaggerUI.SwaggerUIMiddleware.Invoke(HttpContext httpContext)
   at Swashbuckle.AspNetCore.Swagger.SwaggerMiddleware.Invoke(HttpContext httpContext, ISwaggerProvider swaggerProvider)
   at Microsoft.AspNetCore.Authorization.AuthorizationMiddleware.Invoke(HttpContext context)
   at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context)
   at Oqtane.Infrastructure.JwtMiddleware.Invoke(HttpContext context) in C:\Source\Projects\oqtane.framework\Oqtane.Server\Infrastructure\Middleware\JwtMiddleware.cs:line 90
   at Oqtane.Infrastructure.TenantMiddleware.Invoke(HttpContext context) in C:\Source\Projects\oqtane.framework\Oqtane.Server\Infrastructure\Middleware\TenantMiddleware.cs:line 83
   at Microsoft.AspNetCore.Localization.RequestLocalizationMiddleware.Invoke(HttpContext context)
   at Microsoft.AspNetCore.Server.IIS.Core.IISHttpContextOfT`1.ProcessRequestAsync()

I will report back anything I can find.

There may also be a relating issue to CORS and Oqtane.Maui I will investigate if still an issue that may relate. I will create another issue for that once I have a chance to investigate again shortly.

@sbwalker
Copy link
Member

@thabaum since almost every Oqtane site running in production is using IIS and SSL I would have to assume that this is a configuration issue in your environment. And since there is no way to reproduce your specific configuration, I believe this issue should be closed?

@thabaum
Copy link
Contributor Author

thabaum commented Jan 13, 2024

@sbwalker I can't run IIS with SSL enabled. Issue should stay open shouldnt it? Or can I only test SSL with a signed-certificate? We cannot test via local SSL either with self-signed or IIS developer certificate.

Since I have no way to test production currenlty I am not sure this should be closed.

I can put up a production site tomorrow with SSL enabled properly. So if results are good I will let you know and decide if no need for testing using self-signed certificates this can be closed. I almost feel like this is my file upload issue testing possibly with CORS fixed now is uploading between HTTPS and HTTP and the authorization for the login maybe buggered up in the mix of the two.

This may make that permission issue go away... maybe if I can get motivated in that direction I will put one up tonight in production. I have a couple sites I have been meaning to do this for to help with troubleshooting.

I will let you know how this goes by tomorrow afternoon.

@thabaum
Copy link
Contributor Author

thabaum commented Jan 13, 2024

I was able to get HTTPS going in my IDE running Oqtane.Server in VS.

I have the CORS fixes added but not sure that is the reason I can now do it here. I am still trying to run IIS with an SSL however. And I need to keep this issue related to that focus.

Plus side is i can now test the maui app in HTTPS connecting to HTTPS localhost address with SSL enabled.

update... if i make the VS use SSL for Oqtane.Server the Oqtane.Maui app will not connect. I assume its a certificate error issue possibly. So I will like I said put up a production site next to test.

This issue maybe needs to be noted as a known issue. I will try to take a production cert and use it with editing the HOST file to point that domain to localhost. Has to be some form of a workaround we can put along with the known issue at least. I am still investigating this because I want to be able to run tests without having to go into a more production environment setup to do so.

@thabaum
Copy link
Contributor Author

thabaum commented Jan 13, 2024

@sbwalker I am heading this direction now, I am setting up an IIS Oqtane production site today with a signed SSL certificate to see if some of these last issues relating to IIS SSL and File Manager Uploads go away. We can note as a known issue in documentation anything we cannot or will not resolve.

@thabaum
Copy link
Contributor Author

thabaum commented Jan 14, 2024

@sbwalker I was able to get an SSL enabled site running in production using a signed certificate no problem. I will close this issue as something to document.

@thabaum thabaum closed this as completed Jan 14, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants