New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
CryptographicException while calling /.well-known/openid-configuration (.NET 8) #1534
Comments
Thanks for the detailed info @Tobias-08. A couple of questions:
|
@josephdecock Thanks for your response. Regarding your questions:
|
This has been asked about before in another support channel. I think that you are right @Tobias-08 that there is a change in behaviour of the constructor. It looks like the exception type thrown has changed in .NET 8 so we might need to update our code to detect the new exception type. |
It looks like this is due to a changed behaviour from .NET 7 and up: dotnet/runtime@43c4405 Moving to IdentityServer repo to fix it. |
@brockallen @josephdecock The exception type was changed in .NET 7. So technically we should patch IdSrv 6.x. But end of life for .NET 7 is less than two months away. I think a fix for IdSrv 7.x is enough. What do you think? |
@Tobias-08 Do you think you could help me to get a value out of the exception thrown? I would need the value of |
@AndersAbel: Yes, you are right. |
@Tobias-08 Thank you! |
@Tobias-08 If we merge this and put out a preview on Nuget, would you be able to help us test it? @brockallen Could we merge this and put out another preview on 7.0.2 to get it tested in a proper environment? It's obviously not testable on a local development setup because the user profile is always available then. |
@AndersAbel Yes, of course. |
We're working on putting out a 7.0.3-preview.1 to test. |
We've pushed a 7.0.3-preview.1 to NuGet with the proposed fix. Please have a look and let us know how it works. Thanks. |
@brockallen @AndersAbel Thanks! |
7.0.3 Has been pushed to NuGet. Thanks! |
Which version of Duende IdentityServer are you using?
7.0.1
Which version of .NET are you using?
.NET 8
Describe the bug
Calling
/.well-known/openid-configuration
leads toCryptographicException: The system cannot find the file specified
since we migrated from .NET 6/IdentityServer 6.x to .NET 8/IdentityServer 7.x.To Reproduce
Load user profile: false
./.well-known/openid-configuration
.Expected behavior
It should work in .NET 8 even if
Load user profile
is set tofalse
.Log output/exception with stacktrace
Additional context
Background:
Load user profile: false
.Load user profile
totrue
.Theory:
X509Certificate2
-constructor might have changed from .NET 6 to .NET 8 so that the workaround (type check) in IdentityServer'sX509KeyContainer
-implementation for theLoad user profile: false
-case might not work anymore.The text was updated successfully, but these errors were encountered: