Last post Jul 19, 2018 02:12 PM by bruce (sqlwork.com)
Jul 19, 2018 09:11 AM|shanmukb|LINK
I am using WSFederation for authenticating the users in a .Net Core application. There is an STS service which will authenticate and supply claims for me. I have added the required Metadata address, and the WRealm is provided. This is working fine on the local machine but stopped working after deployment to the server using a VSTS build. The error it is throwing is
"Peer certificate cannot be authenticated with given CA certificates".
After enquiring about this with the admin team, they said that we need to add the STS server certificate thumbprint to my application as part of the deployment. I searched Google for how to add a thumbprint but had no luck.
Please let me know how I can add a thumbprint of the trusted issuer in a .Net Core application. We would do this in the Web.Config for a Dot Net Framework application. I want to do the same in my Dot Net Core application.
Jul 19, 2018 10:49 AM|mgebhard|LINK
As far as I know, this is a problem with your server's certificate store as it does not have a valid chain of trust for the token service certificate. Contact the token service for assistance.
Jul 19, 2018 02:12 PM|bruce (sqlwork.com)|LINK
It will depend on how you are calling the service.
There are two options:
1) Add the required certificate to the server hosting your ASP.NET Core app as a trusted source.
2) Create a custom certificate validation that allows the untrusted cert. See HttpClient's ServerCertificateCustomValidationCallback property.
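A sketch of the second option above, added here as an example and not code from anyone in the thread: the callback accepts the STS certificate only when its thumbprint matches a pinned value, instead of allowing every untrusted certificate. The class name `StsCertificatePinning` and the thumbprint placeholder are assumptions, as is wiring the handler in through `WsFederationOptions.BackchannelHttpHandler` so that it covers the metadata download.

```csharp
using System;
using System.Net.Http;
using System.Net.Security;
using System.Security.Cryptography.X509Certificates;
using Microsoft.AspNetCore.Authentication.WsFederation;

// Hypothetical helper for illustration; not part of ASP.NET Core.
public static class StsCertificatePinning
{
    // Placeholder: the STS certificate thumbprint supplied by the admin team.
    private const string ExpectedThumbprint = "<STS-CERT-THUMBPRINT>";

    public static bool Validate(HttpRequestMessage request, X509Certificate2 cert,
                                X509Chain chain, SslPolicyErrors errors)
    {
        // The platform already trusts the chain: nothing to override.
        if (errors == SslPolicyErrors.None) return true;
        if (cert == null) return false;

        // Only an untrusted chain may be overridden by the pin. A host name
        // mismatch or a missing certificate is always rejected.
        if ((errors & ~SslPolicyErrors.RemoteCertificateChainErrors) != 0) return false;

        // Chain validation failed, so check the validity period ourselves
        // (NotBefore and NotAfter are reported in local time).
        var now = DateTime.Now;
        if (now < cert.NotBefore || now > cert.NotAfter) return false;

        // Accept only the exact pinned certificate.
        return string.Equals(Normalize(cert.Thumbprint), Normalize(ExpectedThumbprint),
                             StringComparison.OrdinalIgnoreCase);
    }

    // Thumbprints copied from certificate dialogs often contain spaces or colons.
    private static string Normalize(string value) =>
        (value ?? string.Empty).Replace(" ", "").Replace(":", "");

    // Call from the AddWsFederation(options => ...) delegate, next to
    // MetadataAddress and Wtrealm.
    public static void Apply(WsFederationOptions options)
    {
        options.BackchannelHttpHandler = new HttpClientHandler
        {
            ServerCertificateCustomValidationCallback = Validate
        };
    }
}
```

A pinned thumbprint has to be updated whenever the STS certificate is renewed, so keep the value in deployment configuration rather than in source.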