Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

I'm getting error on "Download the certificate once validation is done" #291

Closed
AshfaqAliZardariOfficial opened this issue May 18, 2022 · 3 comments
Closed

I'm getting error on "Download the certificate once validation is done" #291

AshfaqAliZardariOfficial opened this issue May 18, 2022 · 3 comments

Comments

@AshfaqAliZardariOfficial
Copy link

Once again Thank you for the previous issue resolution.

While downloading the certificate as described on the ReadMe.md file. I'm getting an error. I have implemented "Download the certificate once validation is done" as shown below.

var privateKey = KeyFactory.NewKey(KeyAlgorithm.ES256);
var cert = await order.Generate(new CsrInfo
{
    CountryName = "CA",
    State = "Ontario",
    Locality = "Toronto",
    Organization = "Certes",
    OrganizationUnit = "Dev",
    CommonName = "my.domain.name",
}, privateKey);

// Export full chain certification

var certPem = cert.ToPem();
// Export PFX

var pfxBuilder = cert.ToPfx(privateKey);
var pfx = pfxBuilder.Build("my-cert", "abcd1234");

It gives me an error as shown below.

Unhandled Exception: Certes.AcmeException: Can not find issuer 'C=US,O=(STAGING) Internet Security Research Group,CN=(STAGING) Pretend Pear X1' for certificate 'C=US,O=(STAGING) Internet Security Research Group,CN=(STAGING) Bogus Broccoli X2'.
   at Certes.Pkcs.CertificateStore.GetIssuers(Byte[] der)
   at Certes.CertificateChainExtensions.ToPem(CertificateChain certificateChain, IKey certKey)
   at ServerManagerConsoleApp.Program.<Validate>d__10.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.CompilerServices.AsyncMethodBuilderCore.<>c.<ThrowAsync>b__6_1(Object state)
   at System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(Object state)
   at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
   at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
   at System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   at System.Threading.ThreadPoolWorkQueue.Dispatch()
   at System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Is there any workaround to fix this, and Download the certificate?

NOTE: After this is done, I want to add this certificate to IIS on my windows server.

Love ❤️ @fszlin and the Certes team for continuously great work!
@qideqian
Copy link

我也有相同的问题

@webprofusion-chrisc
Copy link
Collaborator

Duplicate of #253 - you need to call AddIssuer to include any trusted root certificates the PFX will rely on for it's chain.

@martinguenther
Copy link

I'm having the same issue on cert.ToPem().
I did get the pfxBuilder.Build(...) to work by adding the root certificate as suggested by using pfxBuilder.AddIssuer(System.IO.File.ReadAllBytes("C:\temp\letsencrypt-stg-root-x2.pem")). But I am stuck on .ToPem(). I don't get where to add the Issuer in that case.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@webprofusion-chrisc @martinguenther @qideqian @AshfaqAliZardariOfficial