question

KGIntelligence-8414 avatar image
0 Votes"
KGIntelligence-8414 asked ryanchill answered

Crash of the container because IdentityServer not recognising certificate

Straight after I published an APS.Net Core App via Visual Studio 2019 it crashes in the Azure Linux container with the error:

"2021-07-28T15:57:17.117335100Z [41m [1m [37mcrit [39m [22m [49m: Microsoft.AspNetCore.Hosting.Diagnostics[6]2021-07-28T15:57:17.117356202Z Application startup exception2021-07-28T15:57:17.117359902Z System.InvalidOperationException: Couldn't find a valid certificate with subject 'CN=MyCertName' on the 'CurrentUser\My'"

I have followed that example https://docs.microsoft.com/en-us/aspnet/core/security/authentication/identity-api-authorization?view=aspnetcore-5.0#example-deploy-to-a-non-azure-web-hosting-provider where I generated my own self-signed .pfx certificate using power-shell. I have uploaded the certificate to azure as shown here https://docs.microsoft.com/en-us/aspnet/core/security/authentication/identity-api-authorization?view=aspnetcore-5.0#example-deploy-to-a-non-azure-web-hosting-provider

I am also certain that my certificate has the right subject and store location. I also closely followed this video. https://www.eugenechiang.com/2021/01/12/setting-up-certificate-for-identityserver4-in-azure-app-service/ which overlaps with the microsoft docs, but still having the error after publishing my APS.Net Core app with appsettings.json file containing

"IdentityServer": {
    "Key": {
      "Type": "Store",
      "StoreName": "My",
      "StoreLocation": "CurrentUser",
      "Name": "CN=MyCertName"
    },
    "Clients": {
      "MyApp": {
        "Profile": "IdentityServerSPA"
      }
    }
  },


Does anyone know what might be causing the issue?

dotnet-aspnet-core-generalazure-webapps-ssl-certificates
· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

ryanchill avatar image
0 Votes"
ryanchill answered

Hi @KGIntelligence-8414,

Did you add the appropriate application setting to allow your app to load the certificate from file?

az webapp config appsettings set --name <app-name> --resource-group <resource-group-name> --settings WEBSITE_LOAD_USER_PROFILE=1

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.