UseStatusCodePagesWithReExecute .net 6

net logo

I got some problem when trying to use custom error pages in a .net 6 mvc web app. Using UseStatusCodePagesWithReExecute to redirect to an error controller on exceptions like 404 or 500 response status. But the error controller never got fired. Discovered that this problem was due to that the UseStatusCodePagesWithReExecute call needs to be called before app.UseRouting() in Startup.cs. Else it didn’t work for me!

startup
Hope this helps someone who is experiencing the same problem!

SSL certificate import to IIS “Specified logon session does not exist”

Have been struggling a bit to import a SSL certificate generated by certbot (Let’s Encrypt) on an IIS server.

Reproduction of error

1. Create SSL certificate with certbot using command:
certbot -d domain.com -d www.domain.com --manual --preferred-challenges dns certonly

2. Certificates and keys are created in files: “cert.pem”, “chain.pem”, “fullchain.pem” and “privkey.pem”. So far so good!

3. Create a PFX-file to import to the IIS server using:

openssl pkcs12 -export -out "myfilename.pfx" -inkey "privkey.pem" -in "cert.pem" -certfile fullchain.pem

4. PFX file created! Let’s import this to Server Certificates. Key is marked as exportable in the import. Importing then goes without any problem.

5. When re-binding the domain to use this new certificate following error occurs:

specified-logon
A specified logon session does not exist. It may already have been terminated. (Exception from HRESULT: 0x80070520).

How to fix this error?

The problem seems to be in the certificate file (PFX) itself. Something went wrong when it was created. So I tried to re-create the PFX and changed the last parameter to use “chain.pem” instead and this solved the problem! So command line to create a PFX-file with certificate files from certbot should be:

openssl pkcs12 -export -out "myfilename.pfx" -inkey "privkey.pem" -in "cert.pem" -certfile chain.pem


Hope this help anyone struggling with this issue!

Convert SSL certificate to PFX using OpenSSL

If you want to create a password protected PFX file from certificate file and a private key you can use OpenSSL. Follow these steps to create a PFX file.

ssl certificate
  • 1. Download the SSL/TLS tookit from https://www.openssl.org.
  • 2. Run this command in a terminal window:
    “{PATH}\openssl.exe” pkcs12 -export -out “{PATH}\{filename-of-pfx}.pfx” -inkey “{PATH}{filename-of-key}.key” -in “{PATH}{filename-of-certificate}.crt” -certfile {PATH}{filename-of-ca-bundle}.crt
  • 3. Choose a password for the pfx file.
  • 4. Done, the pfx file is now created at specified path.

.NET MVC – Illegal characters in path

Scenario
Render a ASP.NET MVC Razor view with a model from the controller.

Error / Exception
System.ArgumentException: Illegal characters in path.

Cause
The model from the controller was returning JSON and the view had declared “@model string” to handle the JSON.

Solution
Updates in both controller and view. Change controller return type from string to the object.

Controller
Original: return View(JsonConvert.SerializeObject(List));
Change to: return View(List);

View
Original: @model string
Change to: @model List<object>

Error when reading from PFX certificate SSL/TLS

Case
Establish a secure connection to a server. Authentication with certificate.

Error message
The request was aborted: Could not create SSL/TLS secure channel.

  1. Start Microsoft Management Console, either from control panel or by run command “mmc”.
  2. In MMC select File > Add/Remove Snap-In (Ctrl+M).

    mmc add remove snap in
  3. Select Certificates > Add > OK. In next window select Local Computer.

    mmc add certificate
  4. When Certificates is added select Certificates > Personal > Certificates.
  5. You can see all the installed certificates in the window to the right. In order to add a permission right-click on a certificate and select All Tasks > Manage Private Keys.

    mmc manage private keys
  6. Search for user IIS_IUSRS (IIS User) and then add the user. You can configure the permissions like full control, read etc.
    when the user is added.

    mmc add iis user

Problems connecting to WCF service

Trying to connect to a WCF-service but get some error messages:

The HTTP request is unauthorized with client authentication scheme Anonymous The authentication header received from the server was Basic

The provided URI scheme https is invalid expected http

The solution was to adjust web.config > system.serviceModel section. Add “Transport” to security mode. and clientCredentialType should be “Basic” if the server expects Basic Realm.

  <system.serviceModel>
    <bindings>
      <basicHttpBinding>
        <binding name="Document_Binding" closeTimeout="01:00:00" openTimeout="01:00:00" receiveTimeout="01:00:00" sendTimeout="01:00:00" maxReceivedMessageSize="2147483647">
          <security mode="Transport">
            <transport clientCredentialType="Basic" />
          </security>
        </binding>
      </basicHttpBinding>
    </bindings>
    <client>
    <endpoint ....../>
    </client>
  </system.serviceModel>

Good luck with your connections =)

Unable to connect to SQL DB via SSMS on Azure VM

I’ve installed SQL Server 2016 Express on a Azure Virtual Machine (VM). I opened the ports (port 1433) to connect to the server via Sql Server Management Studio (SSMS) but access was denied. I also opened the port inside the Azure portal on the server but still no success.
Then I came over a solution to the connection problem. You need to set the port number on IPAll among IP Addresses inside TCP/IP in Sql Server Configuration Manager. See screenshot below.

sql-server-ip-address
TCP Port 1433

How to navigate to the TCP Port setting:

  1. Open Sql Server Configuration Manager.
  2. Click on “Protocols” for “{INSTANCE NAME}” under Sql Server Network Configuration.
  3. Double click on TCP/IP.
  4. Click on tab “IP Addresses”.
  5. Scroll to the bottom and write the port number (1433 is default).

Good luck!