Blazor Serverside with LetsEncrypt certificate by Certbot

I’m currently working on a Blazor app (serverside) and I’m looking at adding a certificate for HTTPS.

I have already set up Certbot on my Windows Server to automatically refresh certificates, and have already generated one.

However, I’m having trouble telling Blazor to use this certificate.

My current appsettings.json looks like this:

{
  "Kestrel": {
    "Certificates": {
      "Default": {
        "Path": "C:Certbotliveexample.comfullchain.pem",
        "KeyPath": "C:Certbotliveexample.comprivkey.pem"
      }
    }
  }
}

When I run the application with this configuration, it gives me a Unspecified error error.

I’ve also tried it with a .pfx file, but the same error occurs.

The path I use refers to a symlink, so I’ve tried changing it to the direct path (C:Certbotarchiveexample.comfullchain1.pem) but it then gives me the error No supported key formats were found. Check that the input represents the contents of a PEM-encoded key file, not the path to such a file. (Parameter 'input')
This error made me think that this is the way to go, because at least it talks about the key. But I can’t seem to find a way to lose this error.
I looked at possibly converting the privkey.pem to private.key, but according to what I found, this shouldn’t matter.

It does seem to recognize it as a file, because as soon as I change it, it gives me a The system cannot find the file specified error.

The full stacktrace for the Unspecified error error:

Microsoft.AspNetCore.Server.Kestrel[0]
      Unable to start Kestrel.
      Internal.Cryptography.CryptoThrowHelper+WindowsCryptographicException: Unspecified error
         at Internal.Cryptography.Pal.CertificatePal.FromBlobOrFile(ReadOnlySpan`1 rawData, String fileName, SafePasswordHandle password, X509KeyStorageFlags keyStorageFlags)
         at System.Security.Cryptography.X509Certificates.X509Certificate..ctor(String fileName, String password, X509KeyStorageFlags keyStorageFlags)
         at System.Security.Cryptography.X509Certificates.X509Certificate2..ctor(String fileName, String password)
         at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.Certificates.CertificateConfigLoader.LoadCertificate(CertificateConfig certInfo, String endpointName)
         at Microsoft.AspNetCore.Server.Kestrel.KestrelConfigurationLoader.LoadDefaultCert()
         at Microsoft.AspNetCore.Server.Kestrel.KestrelConfigurationLoader.Reload()
         at Microsoft.AspNetCore.Server.Kestrel.KestrelConfigurationLoader.Load()
         at Microsoft.AspNetCore.Server.Kestrel.Core.KestrelServerImpl.BindAsync(CancellationToken cancellationToken)
         at Microsoft.AspNetCore.Server.Kestrel.Core.KestrelServerImpl.StartAsync[TContext](IHttpApplication`1 application, CancellationToken cancellationToken)
Unhandled exception. Internal.Cryptography.CryptoThrowHelper+WindowsCryptographicException: Unspecified error
   at Internal.Cryptography.Pal.CertificatePal.FromBlobOrFile(ReadOnlySpan`1 rawData, String fileName, SafePasswordHandle password, X509KeyStorageFlags keyStorageFlags)
   at System.Security.Cryptography.X509Certificates.X509Certificate..ctor(String fileName, String password, X509KeyStorageFlags keyStorageFlags)
   at System.Security.Cryptography.X509Certificates.X509Certificate2..ctor(String fileName, String password)
   at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.Certificates.CertificateConfigLoader.LoadCertificate(CertificateConfig certInfo, String endpointName)
   at Microsoft.AspNetCore.Server.Kestrel.KestrelConfigurationLoader.LoadDefaultCert()
   at Microsoft.AspNetCore.Server.Kestrel.KestrelConfigurationLoader.Reload()
   at Microsoft.AspNetCore.Server.Kestrel.KestrelConfigurationLoader.Load()
   at Microsoft.AspNetCore.Server.Kestrel.Core.KestrelServerImpl.BindAsync(CancellationToken cancellationToken)
   at Microsoft.AspNetCore.Server.Kestrel.Core.KestrelServerImpl.StartAsync[TContext](IHttpApplication`1 application, CancellationToken cancellationToken)
   at Microsoft.AspNetCore.Hosting.GenericWebHostService.StartAsync(CancellationToken cancellationToken)
   at Microsoft.Extensions.Hosting.Internal.Host.StartAsync(CancellationToken cancellationToken)
   at Microsoft.Extensions.Hosting.HostingAbstractionsHostExtensions.RunAsync(IHost host, CancellationToken token)
   at Microsoft.Extensions.Hosting.HostingAbstractionsHostExtensions.RunAsync(IHost host, CancellationToken token)
   at Microsoft.Extensions.Hosting.HostingAbstractionsHostExtensions.Run(IHost host)
   at Application.Program.Main(String[] args) in C:ApplicationProgram.cs:line 10

Source: Windows Questions

LEAVE A COMMENT