The remote certificate is invalid according to the validation procedure #2368
Unanswered
igor-nesterov-deltatre
asked this question in
Q&A
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Hi, We are experiencing issue during
AcquireTokenForClientmethod call.Certificate seems fine we use similar(not the same. certs are created automatically by terraform for each env) cert on our other environments and did not have any issues.
Below a log of MSIL library which I collected during this call(replaced some data by XXXXXXXXXX just in case):
`False MSAL 4.45.0.0 MSAL.Desktop 4.8 or later Windows Server 2019 Datacenter [2023-08-04 16:35:55Z - XXXXXXXXXXXX] === AcquireTokenForClientParameters ===
SendX5C: False
ForceRefresh: True
True MSAL 4.45.0.0 MSAL.Desktop 4.8 or later Windows Server 2019 Datacenter [2023-08-04 16:35:55Z - XXXXXXXXXX]
=== Request Data ===
Authority Provided? - True
Client Id - a44dc95d-5362-4c2b-80ee-XXXXXXXX
Scopes - https://preprod98meXXsg.onmicrosoft.com/XX-core/.default
Redirect Uri - https://replyurlnotset/
Extra Query Params Keys (space separated) -
ClaimsAndClientCapabilities -
Authority - https://preprod98-login.meXX.sg/tfp/XXXXXXXXXXXXXX/B2C_1A_SIGNIN/
ApiId - AcquireTokenForClient
IsConfidentialClient - True
SendX5C - False
LoginHint -
IsBrokerConfigured - False
HomeAccountId -
CorrelationId - bd414a12-f730-446e-b573-b9c3dc56885b
UserAssertion set: False
LongRunningOboCacheKey set: False
Region configured:
True MSAL 4.45.0.0 MSAL.Desktop 4.8 or later Windows Server 2019 Datacenter [2023-08-04 16:35:55Z - bd414a12-f730-446e-b573-b9c3dc56885b] === Token Acquisition (ClientCredentialRequest) started:
Authority: https://preprod98-login.meXX.sg/tfp/4f76aa90-5bae-46dXXXXXXXXXXXXXXXX/B2C_1A_SIGNIN/
Scope: https://preprod98meXXsg.onmicrosoft.com/axis-core/.default
ClientId: a44dc95d-5362-4c2b-80ee-XXXXXXXXX
False MSAL 4.45.0.0 MSAL.Desktop 4.8 or later Windows Server 2019 Datacenter [2023-08-04 16:35:55Z - bd414a12-f730-446e-b573-b9c3dc56885b] Skipped looking for an Access Token in the cache because ForceRefresh or Claims were set.
False MSAL 4.45.0.0 MSAL.Desktop 4.8 or later Windows Server 2019 Datacenter [2023-08-04 16:35:55Z - bd414a12-f730-446e-b573-b9c3dc56885b] [Instance Discovery] Skipping Instance discovery for non-AAD authority.
False MSAL 4.45.0.0 MSAL.Desktop 4.8 or later Windows Server 2019 Datacenter [2023-08-04 16:35:55Z - bd414a12-f730-446e-b573-b9c3dc56885b] Starting TokenClient:SendTokenRequestAsync
False MSAL 4.45.0.0 MSAL.Desktop 4.8 or later Windows Server 2019 Datacenter [2023-08-04 16:35:55Z - bd414a12-f730-446e-b573-b9c3dc56885b] [Token Client] Fetching MsalTokenResponse ....
False MSAL 4.45.0.0 MSAL.Desktop 4.8 or later Windows Server 2019 Datacenter [2023-08-04 16:35:55Z - bd414a12-f730-446e-b573-b9c3dc56885b] Starting [Oauth2Client] Sending POST request
False MSAL 4.45.0.0 MSAL.Desktop 4.8 or later Windows Server 2019 Datacenter [2023-08-04 16:35:56Z - bd414a12-f730-446e-b573-b9c3dc56885b] Starting [HttpManager] ExecuteAsync
True MSAL 4.45.0.0 MSAL.Desktop 4.8 or later Windows Server 2019 Datacenter [2023-08-04 16:35:56Z - bd414a12-f730-446e-b573-b9c3dc56885b] [HttpManager] Sending request. Method: POST. URI: https://preprod98-login.meXX.sg/tfp/4f76aa90-5bae-46db-bb38-c2cb2b1d3bb4/b2c_1a_signin/oauth2/v2.0/token.
False MSAL 4.45.0.0 MSAL.Desktop 4.8 or later Windows Server 2019 Datacenter [2023-08-04 16:35:56Z - bd414a12-f730-446e-b573-b9c3dc56885b] Finished [HttpManager] ExecuteAsync in 63 ms
True MSAL 4.45.0.0 MSAL.Desktop 4.8 or later Windows Server 2019 Datacenter [2023-08-04 16:35:56Z - bd414a12-f730-446e-b573-b9c3dc56885b] === Token Acquisition (1004) failed:
Authority: https://preprod98-login.meXX.sg/tfp/4f76aa90-5bae-XXXXXXXXXXXXX/b2c_1a_signin/oauth2/v2.0/token
ClientId: a44dc95d-5362-4c2b-80ee-XXXXXXXXXXX.
True MSAL 4.45.0.0 MSAL.Desktop 4.8 or later Windows Server 2019 Datacenter [2023-08-04 16:35:56Z - bd414a12-f730-446e-b573-b9c3dc56885b] System.Net.Http.HttpRequestException: An error occurred while sending the request. ---> System.Net.WebException: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel. ---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure.
at System.Net.TlsStream.EndWrite(IAsyncResult asyncResult)
at System.Net.ConnectStream.WriteHeadersCallback(IAsyncResult ar)
--- End of inner exception stack trace ---
at System.Net.HttpWebRequest.EndGetRequestStream(IAsyncResult asyncResult, TransportContext& context)
at System.Net.Http.HttpClientHandler.GetRequestStreamCallback(IAsyncResult ar)
--- End of inner exception stack trace ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()`
Beta Was this translation helpful? Give feedback.
All reactions