Blazor Serverside with LetsEncrypt certificate by Certbot

InzeNL 1 Reputation point
2021-04-06T09:18:03.543+00:00

I'm currently working on a Blazor app (serverside) and I'm looking at adding a certificate for HTTPS.

I have already set up Certbot on my Windows Server to automatically refresh certificates, and have already generated one.

However, I'm having trouble telling Blazor to use this certificate.

My current appsettings.json looks like this:

{
  "Kestrel": {
    "Certificates": {
      "Default": {
        "Path": "C:\\Certbot\\live\\example.com\\fullchain.pem",
        "KeyPath": "C:\\Certbot\\live\\example.com\\privkey.pem"
      }
    }
  }
}

When I run the application with this configuration, it gives me an "Unspecified error" error.

I've also tried it with a .pfx file, but the same error occurs.

The path I use refers to a symlink, so I've tried changing it to the direct path (C:\\Certbot\\archive\\example.com\\fullchain1.pem) but it then gives me the error "No supported key formats were found. Check that the input represents the contents of a PEM-encoded key file, not the path to such a file. (Parameter 'input')".
This error made me think that this is the way to go, because at least it talks about the key. But I can't seem to find a way to lose this error.
I looked at possibly converting the privkey.pem to private.key, but according to what I found, this shouldn't matter.

It does seem to recognize it as a file, because as soon as I change it, it gives me a "The system cannot find the file specified" error.

The full stack trace for the "Unspecified error" error:

Microsoft.AspNetCore.Server.Kestrel[0]
      Unable to start Kestrel.
      Internal.Cryptography.CryptoThrowHelper+WindowsCryptographicException: Unspecified error
         at Internal.Cryptography.Pal.CertificatePal.FromBlobOrFile(ReadOnlySpan`1 rawData, String fileName, SafePasswordHandle password, X509KeyStorageFlags keyStorageFlags)
         at System.Security.Cryptography.X509Certificates.X509Certificate..ctor(String fileName, String password, X509KeyStorageFlags keyStorageFlags)
         at System.Security.Cryptography.X509Certificates.X509Certificate2..ctor(String fileName, String password)
         at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.Certificates.CertificateConfigLoader.LoadCertificate(CertificateConfig certInfo, String endpointName)
         at Microsoft.AspNetCore.Server.Kestrel.KestrelConfigurationLoader.LoadDefaultCert()
         at Microsoft.AspNetCore.Server.Kestrel.KestrelConfigurationLoader.Reload()
         at Microsoft.AspNetCore.Server.Kestrel.KestrelConfigurationLoader.Load()
         at Microsoft.AspNetCore.Server.Kestrel.Core.KestrelServerImpl.BindAsync(CancellationToken cancellationToken)
         at Microsoft.AspNetCore.Server.Kestrel.Core.KestrelServerImpl.StartAsync[TContext](IHttpApplication`1 application, CancellationToken cancellationToken)
Unhandled exception. Internal.Cryptography.CryptoThrowHelper+WindowsCryptographicException: Unspecified error
   at Internal.Cryptography.Pal.CertificatePal.FromBlobOrFile(ReadOnlySpan`1 rawData, String fileName, SafePasswordHandle password, X509KeyStorageFlags keyStorageFlags)
   at System.Security.Cryptography.X509Certificates.X509Certificate..ctor(String fileName, String password, X509KeyStorageFlags keyStorageFlags)
   at System.Security.Cryptography.X509Certificates.X509Certificate2..ctor(String fileName, String password)
   at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.Certificates.CertificateConfigLoader.LoadCertificate(CertificateConfig certInfo, String endpointName)
   at Microsoft.AspNetCore.Server.Kestrel.KestrelConfigurationLoader.LoadDefaultCert()
   at Microsoft.AspNetCore.Server.Kestrel.KestrelConfigurationLoader.Reload()
   at Microsoft.AspNetCore.Server.Kestrel.KestrelConfigurationLoader.Load()
   at Microsoft.AspNetCore.Server.Kestrel.Core.KestrelServerImpl.BindAsync(CancellationToken cancellationToken)
   at Microsoft.AspNetCore.Server.Kestrel.Core.KestrelServerImpl.StartAsync[TContext](IHttpApplication`1 application, CancellationToken cancellationToken)
   at Microsoft.AspNetCore.Hosting.GenericWebHostService.StartAsync(CancellationToken cancellationToken)
   at Microsoft.Extensions.Hosting.Internal.Host.StartAsync(CancellationToken cancellationToken)
   at Microsoft.Extensions.Hosting.HostingAbstractionsHostExtensions.RunAsync(IHost host, CancellationToken token)
   at Microsoft.Extensions.Hosting.HostingAbstractionsHostExtensions.RunAsync(IHost host, CancellationToken token)
   at Microsoft.Extensions.Hosting.HostingAbstractionsHostExtensions.Run(IHost host)
   at Application.Program.Main(String[] args) in C:\Application\Program.cs:line 10
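
One way to load the Certbot PEM pair in code rather than through appsettings.json, as an added example that is not part of the original post. It assumes .NET 5 or later (for `X509Certificate2.CreateFromPemFile`), the app's existing `Startup` class, and port 443; the Kestrel "Certificates" section is assumed to be removed from appsettings.json, since Kestrel would otherwise still try to load it at startup.

```csharp
using System.Security.Cryptography.X509Certificates;
using Microsoft.AspNetCore.Hosting;
using Microsoft.Extensions.Hosting;

namespace Application
{
    public class Program
    {
        // Paths copied from the question's appsettings.json.
        private const string CertPath = @"C:\Certbot\live\example.com\fullchain.pem";
        private const string KeyPath = @"C:\Certbot\live\example.com\privkey.pem";

        public static void Main(string[] args) => CreateHostBuilder(args).Build().Run();

        // Loads the first CERTIFICATE block of fullchain.pem and attaches the key from privkey.pem.
        public static X509Certificate2 LoadPemCertificate(string certPath, string keyPath)
        {
            using var pem = X509Certificate2.CreateFromPemFile(certPath, keyPath);

            // On Windows, SslStream (Schannel) cannot use the ephemeral key that
            // CreateFromPemFile attaches, so the pair is re-imported as PKCS#12.
            return new X509Certificate2(pem.Export(X509ContentType.Pkcs12));
        }

        public static IHostBuilder CreateHostBuilder(string[] args) =>
            Host.CreateDefaultBuilder(args)
                .ConfigureWebHostDefaults(webBuilder =>
                {
                    webBuilder.ConfigureKestrel(options =>
                    {
                        // Loaded once at startup: a certificate renewed by Certbot
                        // is only picked up after the application restarts.
                        var certificate = LoadPemCertificate(CertPath, KeyPath);

                        // Port 443 is an assumption; bind whichever port the site uses.
                        options.ListenAnyIP(443, listen => listen.UseHttps(certificate));
                    });
                    webBuilder.UseStartup<Startup>(); // the app's own Startup class (assumed)
                });
    }
}
```

The account the application runs under needs read access to privkey.pem; keep that file's ACL limited to that account and administrators.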

1 answer

  1. onurs53 96 Reputation points
    2021-04-24T12:34:45.56+00:00

    I have the same problem. Did you solve this problem?
