.NET core web app using SSL – SEC_ERROR_INADEQUATE_KEY_USAGE

Posted on April 29, 2022 by osco.se

If there is problems start a local development server in .net core version 6 web app using SSL. You can disable SSL in the launch profile. When I started a new website today in the local dev I got the error message “SEC_ERROR_INADEQUATE_KEY_USAGE”. I tried to copy the personal certificate in the certificate manager but that didn’t work. So I decided to disable SSL instead. This is how you can disable SSL in the local dev:
1. Right click on project name in solution explorer and select Properties.
2. Select Debug > General.
3. Click on link Open launch profile.
4. In the IIS Express section untick “Use SSL”.
5. Hit F5 to start website without SSL.

Big logfiles in VSLogs

Posted on February 2, 2022 by osco.se

If you have problems with the disk space suddenly being depleted. Could this be due to large auto-generated log files in VSLogs (../AppData/Local/Temp/VSLogs). This problem seems to have been around for a while and there is also an ongoing case about this (https://developercommunity.visualstudio.com/t/vs-2019-created-big-size-svclog-files-in-temp-path/ 1517476). Currently running VS2022 – Version 17.0.5. 60GB of logfiles generated. It probably would have been more if the disk space haven’t been depleted.

UseStatusCodePagesWithReExecute .net 6

Posted on January 26, 2022 by osco.se

I got some problem when trying to use custom error pages in a .net 6 mvc web app. Using UseStatusCodePagesWithReExecute to redirect to an error controller on exceptions like 404 or 500 response status. But the error controller never got fired. Discovered that this problem was due to that the UseStatusCodePagesWithReExecute call needs to be called before app.UseRouting() in Startup.cs. Else it didn’t work for me!

startup — Hope this helps someone who is experiencing the same problem!

Changing password on a user using MMC

Posted on December 9, 2021 by osco.se

Warning message below is from changing a password on a user in Microsoft Management Console (MMC) Windows 10. The warning message was quite funny, it’s in Swedish but the warning is: ..”Only use this command if a user has forgotten their password and does not have a floppy recovery disc”..Anyone using floppy disc’s these days?

SSL certificate import to IIS “Specified logon session does not exist”

Posted on October 27, 2021 by osco.se

Have been struggling a bit to import a SSL certificate generated by certbot (Let’s Encrypt) on an IIS server.

Reproduction of error

1. Create SSL certificate with certbot using command:
certbot -d domain.com -d www.domain.com --manual --preferred-challenges dns certonly

2. Certificates and keys are created in files: “cert.pem”, “chain.pem”, “fullchain.pem” and “privkey.pem”. So far so good!

3. Create a PFX-file to import to the IIS server using:

openssl pkcs12 -export -out "myfilename.pfx" -inkey "privkey.pem" -in "cert.pem" -certfile fullchain.pem

4. PFX file created! Let’s import this to Server Certificates. Key is marked as exportable in the import. Importing then goes without any problem.

5. When re-binding the domain to use this new certificate following error occurs:

specified-logon — A specified logon session does not exist. It may already have been terminated. (Exception from HRESULT: 0x80070520).

How to fix this error?

The problem seems to be in the certificate file (PFX) itself. Something went wrong when it was created. So I tried to re-create the PFX and changed the last parameter to use “chain.pem” instead and this solved the problem! So command line to create a PFX-file with certificate files from certbot should be:

openssl pkcs12 -export -out "myfilename.pfx" -inkey "privkey.pem" -in "cert.pem" -certfile chain.pem

Hope this help anyone struggling with this issue!

Change keyboard layout in Kali Linux

Posted on October 11, 2021 by osco.se

Default keyboard layout for Kali Linux is english. One command you can use for changing keyboard layout is:
setxkbmap <lang-code>

So for instance if you would like to change the layout to swedish the command is:
setxkbmap se

Convert SSL certificate to PFX using OpenSSL

Posted on December 12, 2020 by osco.se

If you want to create a password protected PFX file from certificate file and a private key you can use OpenSSL. Follow these steps to create a PFX file.

1. Download the SSL/TLS tookit from https://www.openssl.org.
2. Run this command in a terminal window:
“{PATH}\openssl.exe” pkcs12 -export -out “{PATH}\{filename-of-pfx}.pfx” -inkey “{PATH}{filename-of-key}.key” -in “{PATH}{filename-of-certificate}.crt” -certfile {PATH}{filename-of-ca-bundle}.crt
3. Choose a password for the pfx file.
4. Done, the pfx file is now created at specified path.

.NET MVC – Illegal characters in path

Posted on May 5, 2020 by osco.se

Scenario
Render a ASP.NET MVC Razor view with a model from the controller.

Error / Exception
System.ArgumentException: Illegal characters in path.

Cause
The model from the controller was returning JSON and the view had declared “@model string” to handle the JSON.

Solution
Updates in both controller and view. Change controller return type from string to the object.

Controller
Original: return View(JsonConvert.SerializeObject(List));
Change to: return View(List);

View
Original: @model string
Change to: @model List<object>

Error when reading from PFX certificate SSL/TLS

Posted on March 27, 2020 by osco.se

Case
Establish a secure connection to a server. Authentication with certificate.

Error message
The request was aborted: Could not create SSL/TLS secure channel.

Start Microsoft Management Console, either from control panel or by run command “mmc”.
In MMC select File > Add/Remove Snap-In (Ctrl+M).
Select Certificates > Add > OK. In next window select Local Computer.
When Certificates is added select Certificates > Personal > Certificates.
You can see all the installed certificates in the window to the right. In order to add a permission right-click on a certificate and select All Tasks > Manage Private Keys.
Search for user IIS_IUSRS (IIS User) and then add the user. You can configure the permissions like full control, read etc.
when the user is added.

Problems connecting to WCF service

Posted on November 7, 2019 by osco.se

Trying to connect to a WCF-service but get some error messages:

The HTTP request is unauthorized with client authentication scheme Anonymous The authentication header received from the server was Basic

The provided URI scheme https is invalid expected http

The solution was to adjust web.config > system.serviceModel section. Add “Transport” to security mode. and clientCredentialType should be “Basic” if the server expects Basic Realm.

  <system.serviceModel>
    <bindings>
      <basicHttpBinding>
        <binding name="Document_Binding" closeTimeout="01:00:00" openTimeout="01:00:00" receiveTimeout="01:00:00" sendTimeout="01:00:00" maxReceivedMessageSize="2147483647">
          <security mode="Transport">
            <transport clientCredentialType="Basic" />
          </security>
        </binding>
      </basicHttpBinding>
    </bindings>
    <client>
    <endpoint ....../>
    </client>
  </system.serviceModel>

Good luck with your connections =)

Osco.se

A notebook
Is also seen at MSDN

Category Archives: Development