New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Invalid secret after it has worked several times #117

Closed
jeffijoe opened this Issue Apr 2, 2017 · 6 comments

Comments

Projects
None yet
3 participants
@jeffijoe

jeffijoe commented Apr 2, 2017

Since the webjob didn't work this time, I tried going to the extension config page, but when I click Next on the first screen, I get:

Microsoft.IdentityModel.Clients.ActiveDirectory.AdalServiceException: AADSTS70002: Error validating credentials. AADSTS50012: Invalid client secret is provided. Trace ID: f8002e35-8e39-4dce-a889-96498b8f0d00 Correlation ID: 96cd5114-2f15-4cc4-89fd-8d110359777a Timestamp: 2017-04-02 12:10:31Z ---> System.Net.WebException: The remote server returned an error: (401) Unauthorized. at System.Net.HttpWebRequest.GetResponse() at Microsoft.IdentityModel.Clients.ActiveDirectory.HttpWebRequestWrapper.<GetResponseSyncOrAsync>d__2.MoveNext() --- End of stack trace from previous location where exception was thrown --- at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at Microsoft.IdentityModel.Clients.ActiveDirectory.HttpHelper.<SendPostRequestAndDeserializeJsonResponseAsync>d__0`1.MoveNext() --- End of inner exception stack trace --- at Microsoft.IdentityModel.Clients.ActiveDirectory.AuthenticationContext.RunAsyncTask[T](Task`1 task) at Microsoft.IdentityModel.Clients.ActiveDirectory.AuthenticationContext.AcquireToken(String resource, ClientCredential clientCredential) at LetsEncrypt.SiteExtension.ArmHelper.GetWebSiteManagementClient(IAuthSettings model) in J:\Projects\letsencrypt-siteextension\LetsEncrypt.SiteExtension.Core\ArmHelper.cs:line 18 at LetsEncrypt.SiteExtension.Controllers.HomeController.Index(AuthenticationModel model) ErrorCode: invalid_client StatusCode: 401

I haven't changed my secret so it must be something else. Any ideas?

@sjkp

This comment has been minimized.

Show comment
Hide comment
@sjkp

sjkp Apr 2, 2017

Owner

Well even if you haven't changed it it might expire. Default expiration is 1 year after creation.

Owner

sjkp commented Apr 2, 2017

Well even if you haven't changed it it might expire. Default expiration is 1 year after creation.

@jeffijoe

This comment has been minimized.

Show comment
Hide comment
@jeffijoe

jeffijoe Apr 2, 2017

That's probably it - I went to the Keys blade in Azure AD manager and found that was indeed the case. I created a new one, entered the same secret, and when I hit Save, it gave me something that looks like base64. I pasted that in the previous secret's place but still nothing. Any ideas how to get it back up?

jeffijoe commented Apr 2, 2017

That's probably it - I went to the Keys blade in Azure AD manager and found that was indeed the case. I created a new one, entered the same secret, and when I hit Save, it gave me something that looks like base64. I pasted that in the previous secret's place but still nothing. Any ideas how to get it back up?

@jeffijoe

This comment has been minimized.

Show comment
Hide comment
@jeffijoe

jeffijoe Apr 2, 2017

Ah, nevermind! Tried it a 2nd time and it worked, now let's see if I can get that sweet sweet HTTPS back. Thanks for confirming it was indeed an expiration issue.

jeffijoe commented Apr 2, 2017

Ah, nevermind! Tried it a 2nd time and it worked, now let's see if I can get that sweet sweet HTTPS back. Thanks for confirming it was indeed an expiration issue.

@sjkp sjkp closed this Apr 2, 2017

@Knaackee

This comment has been minimized.

Show comment
Hide comment
@Knaackee

Knaackee Apr 28, 2017

I am getting this exception as well.

@sjkp could you give me some information on how to update the key. E.g. i dont find the "keys" blade.

Thank You!

Knaackee commented Apr 28, 2017

I am getting this exception as well.

@sjkp could you give me some information on how to update the key. E.g. i dont find the "keys" blade.

Thank You!

@sjkp

This comment has been minimized.

Show comment
Hide comment
@sjkp

sjkp Apr 29, 2017

Owner

Here goes:

  1. Navigate to Azure AD blade in the portal (portal.azure.com)

  2. Select App Registrations
    image

  3. Select the app that you use to authenticate the lets encrypt site extension with

  4. Now select keys

  5. Now you can make a new key, and set its expiry to never (wasn't possible in the old portal)
    image

  6. Once you hit save, it shows the password (this is the only time it is shown so be sure to save it)

Owner

sjkp commented Apr 29, 2017

Here goes:

  1. Navigate to Azure AD blade in the portal (portal.azure.com)

  2. Select App Registrations
    image

  3. Select the app that you use to authenticate the lets encrypt site extension with

  4. Now select keys

  5. Now you can make a new key, and set its expiry to never (wasn't possible in the old portal)
    image

  6. Once you hit save, it shows the password (this is the only time it is shown so be sure to save it)

@Knaackee

This comment has been minimized.

Show comment
Hide comment
@Knaackee

Knaackee Apr 30, 2017

Thank you very much!!!!

Knaackee commented Apr 30, 2017

Thank you very much!!!!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment