
Connection issue with certs after deployment of ASP.NET Core website to domain, but works fine if run locally on the same server




      I have an issue that I couldn't solve till now.

      I set up Windows Server 2016 with 3 domains and Plesk panel. I installed MongoDB server 4.0.4. I made a self-signed CA SSL and imported it to Trusted Root. I issued server pem and client pfx and pem certs.

      On the server I connect with the client cert from CMD and it works. On my machine I used the same settings and connected from CMD and from the ASP.NET Core app through the C# driver, and it works.

      But when I publish the app on the server it does not work and gives me this error:


      TimeoutException: A timeout occured after 30000ms selecting a server using CompositeServerSelector{ Selectors = MongoDB.Driver.MongoClient+AreSessionsSupportedServerSelector, LatencyLimitingServerSelector{ AllowedLatencyRange = 00:00:00.0150000 } }. Client view of cluster state is { ClusterId : "3", ConnectionMode : "Automatic", Type : "Unknown", State : "Disconnected", Servers : [{ ServerId: "{ ClusterId : 3, EndPoint : "" }", EndPoint: "", State: "Disconnected", Type: "Unknown", HeartbeatException: "MongoDB.Driver.MongoConnectionException: An exception occurred while opening a connection to the server. ---> System.ComponentModel.Win32Exception: The credentials supplied to the package were not recognized
      at System.Net.SSPIWrapper.AcquireCredentialsHandle(SSPIInterface secModule, String package, CredentialUse intent, SCHANNEL_CRED scc)
      at System.Net.Security.SslStreamPal.AcquireCredentialsHandle(CredentialUse credUsage, SCHANNEL_CRED secureCredential)
      at System.Net.Security.SslStreamPal.AcquireCredentialsHandle(X509Certificate certificate, SslProtocols protocols, EncryptionPolicy policy, Boolean isServer)
      at System.Net.Security.SecureChannel.AcquireClientCredentials(Byte[]& thumbPrint)
      at System.Net.Security.SecureChannel.GenerateToken(Byte[] input, Int32 offset, Int32 count, Byte[]& output)
      at System.Net.Security.SecureChannel.NextMessage(Byte[] incoming, Int32 offset, Int32 count)
      at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
      at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)
      at System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest)
      at System.Net.Security.SslState.PartialFrameCallback(AsyncProtocolRequest asyncRequest)
      --- End of stack trace from previous location where exception was thrown ---
      at System.Net.Security.SslState.ThrowIfExceptional()
      at System.Net.Security.SslState.InternalEndProcessAuthentication(LazyAsyncResult lazyResult)
      at System.Net.Security.SslState.EndProcessAuthentication(IAsyncResult result)
      at System.Net.Security.SslStream.EndAuthenticateAsClient(IAsyncResult asyncResult)
      at System.Net.Security.SslStream.<>c.<AuthenticateAsClientAsync>b__46_2(IAsyncResult iar)
      at System.Threading.Tasks.TaskFactory`1.FromAsyncCoreLogic(IAsyncResult iar, Func`2 endFunction, Action`1 endAction, Task`1 promise, Boolean requiresSynchronization)
      --- End of stack trace from previous location where exception was thrown ---
      at MongoDB.Driver.Core.Connections.SslStreamFactory.CreateStreamAsync(EndPoint endPoint, CancellationToken cancellationToken)
      at MongoDB.Driver.Core.Connections.BinaryConnection.OpenHelperAsync(CancellationToken cancellationToken)
      --- End of inner exception stack trace ---
      at MongoDB.Driver.Core.Connections.BinaryConnection.OpenHelperAsync(CancellationToken cancellationToken)
      at MongoDB.Driver.Core.Servers.ServerMonitor.HeartbeatAsync(CancellationToken cancellationToken)" }] }.

      But the same code works on my local machine without any problems. This is the connection code:

      // At the top of the file:
      using System.Collections.Generic;
      using System.IO;
      using System.Security.Authentication;
      using System.Security.Cryptography.X509Certificates;
      using MongoDB.Driver;

      var connectionString = config["Database:protocol"] + @"://" + config["Database:Url"] + ":" + config["Database:Port"] + @"/" + config["Database:DbName"];
      var clientSettings = MongoClientSettings.FromUrl(new MongoUrl(connectionString));
      clientSettings.SslSettings = new SslSettings();
      clientSettings.UseSsl = true;
      // Load the client certificate (PFX) from the application's content root.
      clientSettings.SslSettings.ClientCertificates = new List<X509Certificate2>()
      {
          new X509Certificate2(Path.Combine(env.ContentRootPath, config["Database:Cert"]), config["Database:Password"])
      };
      // MONGODB-X509 credential; the username is the certificate subject.
      var credential = MongoCredential.CreateMongoX509Credential(config["Database:Username"]);
      clientSettings.Credential = credential;
      clientSettings.SslSettings.EnabledSslProtocols = SslProtocols.Tls12;
      // Revocation checking and server certificate validation are both turned off.
      clientSettings.SslSettings.CheckCertificateRevocation = false;
      clientSettings.VerifySslCertificate = false;
      var client = new MongoClient(clientSettings);
      _database = client.GetDatabase(config["Database:DbName"]);

      The username is the subject of the cert and is added to the $external database.

      This code works on my local dev machine but not on the production server. I made the same configuration on both machines, and I could connect with the cert on the production machine via a CMD CLI connection.

      I made a console app and it runs perfectly on the server with the same client cert and the same configuration; only my ASP.NET Core app does not work when I deploy it to the domain mydomain.com.

      Could anyone help me with this error?



