-
Notifications
You must be signed in to change notification settings - Fork 1k
[AspNetCore] Work around certificates issue in .NET Core 3.1 Preview 1 #8993
Conversation
Console.WriteLine ($"Could not clean up current certificate, trusting might fail"); | ||
} | ||
} | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
With a bad certificate dev-certs https --check
returns 0 so we would not run this. Not sure this fixes 1002439 nor 1002551. I think it needs to be fixed in .NET Core 3.1 preview 1 sdk. The bug linked to has a repro which does not involve VS Mac.
However, that being said, I am not against running a clean before trying to trust the certificates. That might help in some cases - just not sure it would fix the 3.1 preview 1 problem.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yeah, have been repro'ing the bug and seems I thought it was fixed because, I guess, ran it when the certificate was ok, so starting again :p
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Well, I thought I had been dreaming, but not, following the steps at dotnet/aspnetcore#15118 (comment)
after all those:
rodrigo@Rodrigos-MacBook-Pro:/tmp/webapp $ dotnet dev-certs https --check
A valid certificate was found.
rodrigo@Rodrigos-MacBook-Pro:/tmp/webapp $ echo $?
0
rodrigo@Rodrigos-MacBook-Pro:/tmp/webapp $ dotnet dev-certs https --trust --check
A valid certificate was found.
The following certificates were found, but none of them is trusted:
CN=localhost - EBFEC93EE823FBC3BF969E5753863E3CAED95AD1
rodrigo@Rodrigos-MacBook-Pro:/tmp/webapp $ echo $?
7
--trust --check is what we use ->
monodevelop/main/src/addins/MonoDevelop.AspNetCore/MonoDevelop.AspNetCore/DotNetCoreDevCertsTool.cs
Line 55 in 9b6e959
"dev-certs https --trust --check", |
so the code that calls CheckCertificate
indeed gets a non-0 error code so goes through the --clean --trust again.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
ok, and now it doesn't work :/
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Now can't repro anymore, I always get 0 as return code :(
} else if (result == CertificateCheckResult.Error) { | ||
// Check failed - Do not try to trust certificate since this | ||
// will likely also fail. | ||
return; | ||
} | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Another idea here might to be to pass a clean parameter to the console dev-certs runner if CertificateCheckResult.Error was the exit code.
Fixes https://devdiv.visualstudio.com/DevDiv/_workitems/edit/1002439
Fixes https://devdiv.visualstudio.com/DevDiv/_workitems/edit/1002551