  1. C# Driver
  2. CSHARP-2449

Connection issue with certs after deployment of ASP.NET Core website to domain, but works fine if run locally on same server

    Details

      Description

      I have an issue that I couldn't solve till now.

      I set up Windows Server 2016 with 3 domains and Plesk panel. I installed MongoDB server 4.0.4. I made a self-signed CA SSL certificate and imported it to Trusted Root. I issued server PEM and client PFX and PEM certs.

      On the server I connect with the client cert from CMD and it WORKS. On my machine I used the same settings and connected from CMD and from the ASP.NET Core app through the C# driver, and it works.

      But when I publish the app on the server it does not work and gives me this error:


      TimeoutException: A timeout occured after 30000ms selecting a server using CompositeServerSelector{ Selectors = MongoDB.Driver.MongoClient+AreSessionsSupportedServerSelector, LatencyLimitingServerSelector{ AllowedLatencyRange = 00:00:00.0150000 } }. Client view of cluster state is { ClusterId : "3", ConnectionMode : "Automatic", Type : "Unknown", State : "Disconnected", Servers : [{ ServerId: "{ ClusterId : 3, EndPoint : "127.0.0.1:27017" }", EndPoint: "127.0.0.1:27017", State: "Disconnected", Type: "Unknown", HeartbeatException: "MongoDB.Driver.MongoConnectionException: An exception occurred while opening a connection to the server. ---> System.ComponentModel.Win32Exception: The credentials supplied to the package were not recognized
      at System.Net.SSPIWrapper.AcquireCredentialsHandle(SSPIInterface secModule, String package, CredentialUse intent, SCHANNEL_CRED scc)
      at System.Net.Security.SslStreamPal.AcquireCredentialsHandle(CredentialUse credUsage, SCHANNEL_CRED secureCredential)
      at System.Net.Security.SslStreamPal.AcquireCredentialsHandle(X509Certificate certificate, SslProtocols protocols, EncryptionPolicy policy, Boolean isServer)
      at System.Net.Security.SecureChannel.AcquireClientCredentials(Byte[]& thumbPrint)
      at System.Net.Security.SecureChannel.GenerateToken(Byte[] input, Int32 offset, Int32 count, Byte[]& output)
      at System.Net.Security.SecureChannel.NextMessage(Byte[] incoming, Int32 offset, Int32 count)
      at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
      at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)
      at System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest)
      at System.Net.Security.SslState.PartialFrameCallback(AsyncProtocolRequest asyncRequest)
      --- End of stack trace from previous location where exception was thrown ---
      at System.Net.Security.SslState.ThrowIfExceptional()
      at System.Net.Security.SslState.InternalEndProcessAuthentication(LazyAsyncResult lazyResult)
      at System.Net.Security.SslState.EndProcessAuthentication(IAsyncResult result)
      at System.Net.Security.SslStream.EndAuthenticateAsClient(IAsyncResult asyncResult)
      at System.Net.Security.SslStream.<>c.<AuthenticateAsClientAsync>b__46_2(IAsyncResult iar)
      at System.Threading.Tasks.TaskFactory`1.FromAsyncCoreLogic(IAsyncResult iar, Func`2 endFunction, Action`1 endAction, Task`1 promise, Boolean requiresSynchronization)
      --- End of stack trace from previous location where exception was thrown ---
      at MongoDB.Driver.Core.Connections.SslStreamFactory.CreateStreamAsync(EndPoint endPoint, CancellationToken cancellationToken)
      at MongoDB.Driver.Core.Connections.BinaryConnection.OpenHelperAsync(CancellationToken cancellationToken)
      --- End of inner exception stack trace ---
      at MongoDB.Driver.Core.Connections.BinaryConnection.OpenHelperAsync(CancellationToken cancellationToken)
      at MongoDB.Driver.Core.Servers.ServerMonitor.HeartbeatAsync(CancellationToken cancellationToken)" }] }.

      But the same code works on my local machine without any problems. This is the connection code:

      using System.Collections.Generic;
      using System.IO;
      using System.Security.Authentication;
      using System.Security.Cryptography.X509Certificates;
      using MongoDB.Driver;

      // Build the connection string from configuration values.
      var connectionString = config["Database:protocol"] + @"://" + config["Database:Url"] + ":" + config["Database:Port"] + @"/" + config["Database:DbName"];
      var clientSettings = MongoClientSettings.FromUrl(new MongoUrl(connectionString));
      clientSettings.SslSettings = new SslSettings();
      clientSettings.UseSsl = true;
      // Client certificate (PFX) loaded from a file under the content root.
      clientSettings.SslSettings.ClientCertificates = new List<X509Certificate2>()
                  {
                      new X509Certificate2(Path.Combine(env.ContentRootPath, config["Database:Cert"]), config["Database:Password"])
                  };
      // X.509 authentication: the username is the certificate subject.
      var credential = MongoCredential.CreateMongoX509Credential(config["Database:Username"]);
      clientSettings.Credential = credential;
      clientSettings.SslSettings.EnabledSslProtocols = SslProtocols.Tls12;
      // The next two lines turn off revocation checking and server certificate validation.
      clientSettings.SslSettings.CheckCertificateRevocation = false;
      clientSettings.VerifySslCertificate = false;
      var client = new MongoClient(clientSettings);
      _database = client.GetDatabase(config["Database:DbName"]);


      The username is the subject of the cert and was added to the $external database.

      This code works on my local dev machine but not on the production server. I made the same configurations on both machines and I could connect with the cert on the production machine via a CMD CLI connection.

      I made a console app and it runs on the server perfectly with the same client cert and same configurations; only my ASP.NET Core app is not working when I deploy it to the domain mydomain.com.

      Could anyone help me with this error?
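
The Win32Exception in the trace is raised while SChannel acquires the client credentials, which is where the private key of the client certificate has to be usable by the identity the process runs as. The following diagnostic is an added example, not code from the reporter or the driver: it loads the same PFX under two key-storage settings and tries one signature with each. `ClientCertProbe`, `Probe` and `Report` are hypothetical names, and it assumes an RSA client key.

```csharp
using System;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;

// Added diagnostic (hypothetical helper). Run it under the same identity as
// the deployed site, e.g. from a temporary endpoint, and compare the output
// with a run from the console app that works.
public static class ClientCertProbe
{
    // Loads the PFX with the given key-storage flags and attempts one
    // signature, which fails if this identity cannot open the private key.
    public static string Probe(string pfxPath, string password, X509KeyStorageFlags flags)
    {
        try
        {
            using (var cert = new X509Certificate2(pfxPath, password, flags))
            {
                if (!cert.HasPrivateKey)
                    return $"{flags}: loaded, but no private key attached";

                using (RSA rsa = cert.GetRSAPrivateKey())
                {
                    if (rsa == null)
                        return $"{flags}: private key is not RSA";
                    rsa.SignData(new byte[] { 1, 2, 3 },
                                 HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
                }
                return $"{flags}: private key usable, subject = {cert.Subject}";
            }
        }
        catch (CryptographicException ex)
        {
            return $"{flags}: {ex.GetType().Name}: {ex.Message}";
        }
    }

    // Returns the process identity plus one result line per flag setting.
    public static string[] Report(string pfxPath, string password)
    {
        return new[]
        {
            $"Running as: {Environment.UserDomainName}\\{Environment.UserName}",
            // DefaultKeySet usually places the imported key in the current user's key store.
            Probe(pfxPath, password, X509KeyStorageFlags.DefaultKeySet),
            // MachineKeySet places the imported key in the machine key store instead.
            Probe(pfxPath, password, X509KeyStorageFlags.MachineKeySet)
        };
    }
}
```

A result that differs between the console run and the web run points at the hosting identity rather than at the certificate or the driver settings. SChannel opens the key on its own, so a passing probe narrows the cause but does not prove the TLS handshake will succeed.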
