“IDX20803: Unable to obtain configuration from” Error In .NET API On AWS.

huangapple
go评论62阅读模式
英文:

"IDX20803: Unable to obtain configuration from" Error In .NET API On AWS

问题

I have had a .NET API deployed on an AWS EC2 instance for a few years and about a month ago it started throwing exceptions on every request. The error does not occur when I run the server locally, only when running in my deployed AWS environment.

The original error message was: IDX20803: Unable to obtain configuration from: ' [PII is hidden. For more details, see https://aka.ms/IdentityModel/PII.] '.

After testing with Microsoft.IdentityModel.Logging.IdentityModelEventSource.ShowPII = true;, the error message is: IDX20803: Unable to obtain configuration from: 'https://mydomain.us.auth0.com/.well-known/openid-configuration'.

Inside my service's AddJwtBearer I added:

options.BackchannelHttpHandler = new HttpClientHandler
{
ServerCertificateCustomValidationCallback = (message, cert, chain, errors) => true
};

And now when I test my service in AWS the requests are no longer failing.

It seems that my service is having issues making an SSL connection to its OAuth configuration, but only when running in an AWS EC2 instance. In my browser I went to the configuration URL from the error message and it has a secure connection with a valid SSL certificate, so I'm not sure exactly why it would have an issue.

英文:

I have had a .NET API deployed on an AWS EC2 instance for a few years and about a month ago it started throwing exceptions on every request. The error does not occur when I run the server locally, only when running in my deployed AWS environment.

The original error message was: IDX20803: Unable to obtain configuration from: '[PII is hidden. For more details, see https://aka.ms/IdentityModel/PII.]'.

After testing with Microsoft.IdentityModel.Logging.IdentityModelEventSource.ShowPII = true;, the error message is: IDX20803: Unable to obtain configuration from: 'https://mydomain.us.auth0.com/.well-known/openid-configuration'.

Inside my service's AddJwtBearer I added:

options.BackchannelHttpHandler = new HttpClientHandler
{
    ServerCertificateCustomValidationCallback = (message, cert, chain, errors) => true
};

And now when I test my service in AWS the requests are no longer failing.

It seems that my service is having issues making an SSL connection to its OAuth configuration, but only when running in an AWS EC2 instance. In my browser I went to the configuration URL from the error message and it has a secure connection with a valid SSL certificate, so I'm not sure exactly why it would have an issue.

答案1

得分: 0

我发现许多人遇到了与 Auth0 证书颁发机构更改相关的问题(参见此帖子),因此我更新了我们的 EC2 实例上运行的 Amazon Linux 版本,问题得以解决。

英文:

I found that many people had experienced issues related to a change in the Auth0 Certificate Authority (see this post), so I updated the version of Amazon Linux running on our EC2 instances and the issue was resolved.

huangapple
  • 本文由 发表于 2023年4月11日 12:07:28
  • 转载请务必保留本文链接:https://go.coder-hub.com/75982329.html
  • .net
  • amazon-web-services
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定