证书链由不受信任的机构颁发

时间:2018-06-09 04:15:55

标签: sql-server asp.net-core asp.net-identity entity-framework-core

我研究过the help here on upgrading to aspnetcore 2.1.0

我的数据库是SQLExpress 2016SP1

我可以添加迁移但是当我发出

update-database

在软件包管理器控制台,我收到错误

  

与服务器成功建立连接,但在登录过程中发生错误   (提供者:SSL提供者,错误:0 - 证书链由不受信任的权威机构颁发。)

连接字符串的格式为

   Server="Server=myserver;Initial Catalog=mydatabase;Trusted_Connection=True;MultipleActiveResultSets=true

DbContext

public class ApiDbContext : IdentityDbContext<ApplicationUser>
{
    public ApiDbContext(DbContextOptions<ApiDbContext> options)
        : base(options)
    {
    }
}

Context Factory 

public class MyContextFactory : IDesignTimeDbContextFactory<ApiDbContext>
{
    public ApiDbContext CreateDbContext(string[] args)
    {
        var optionsBuilder = new DbContextOptionsBuilder<ApiDbContext>();
        var builder = new ConfigurationBuilder();
        builder.AddJsonFile("appsettings.json");
        var config = builder.Build();
        var connectionString = config.GetConnectionString("MyDatabase");
        optionsBuilder.UseSqlServer(connectionString);
        return new ApiDbContext(optionsBuilder.Options);
    }
}

[更新]

如果我在IDesignTimeDbContextFactory的实现中硬编码连接字符串,那么我可以运行迁移

public class MyContextFactory : IDesignTimeDbContextFactory<ApiDbContext>
{
    public ApiDbContext CreateDbContext(string[] args)
    {
        var optionsBuilder = new DbContextOptionsBuilder<ApiDbContext>();
        var connectionString =    "Server=myserver;Initial Catalog=mydatabase;Trusted_Connection=True;MultipleActiveResultSets=true";
        optionsBuilder.UseSqlServer(connectionString);
        return new ApiDbContext(optionsBuilder.Options);
    }
}

对连接字符串进行硬编码是不可取的,所以我想要一个更好的答案。

我不清楚为什么需要实现IDesignTimeDbContextFactory。 (如果没有它,我的迁移会失败)

我更新了我的Startup.cs和Progam.cs,以匹配不需要实现的新生成的程序。

 public class Program
 {
   public static void Main(string[] args)
    {
        CreateWebHostBuilder(args).Build().Run();
    }

    public static IWebHostBuilder CreateWebHostBuilder(string[] args) =>
        WebHost.CreateDefaultBuilder(args)
            .UseStartup<Startup>();
}

public class Startup
{
    public Startup(IConfiguration configuration)
    {
        Configuration = configuration;
    }

    public IConfiguration Configuration { get; }

    // This method gets called by the runtime. Use this method to add services to the container.
    public void ConfigureServices(IServiceCollection services)
    {
        services.Configure<CookiePolicyOptions>(options =>
        {
            options.CheckConsentNeeded = context => true;
            options.MinimumSameSitePolicy = SameSiteMode.None;
        });

        services.AddDbContext<ApiDbContext>(options =>
            options.UseSqlServer(
                Configuration.GetConnectionString("MyDatabase")));
        services.AddDefaultIdentity<IdentityUser>()
            .AddEntityFrameworkStores<ApiDbContext>();

services.AddMvc()SetCompatibilityVersion(CompatibilityVersion.Version_2_1);         } 

    // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
    public void Configure(IApplicationBuilder app, IHostingEnvironment env)
    {
        if (env.IsDevelopment())
        {
            app.UseDeveloperExceptionPage();
            app.UseDatabaseErrorPage();

        }
        else
        {
            app.UseExceptionHandler("/Error");
            app.UseHsts();
        }

        app.UseHttpsRedirection();
        app.UseStaticFiles();
        app.UseCookiePolicy();
        app.UseAuthentication();
        app.UseMvc();
    }
}

[更新]

我更新到VS2017版本15.7.3。 当我重复问题并创建第一次迁移时,PM显示了消息

The configuration file 'appsettings.json' was not found and is not optional

当我始终标记此文件副本时,add-migration和update-database都有效。

2 个答案:

答案 0 :(得分:1)

根据This StackOverflow post

,尝试将TrustServerCertificate=True添加到连接字符串

答案 1 :(得分:1)

设置“ TrustServerCertificate = True”并使用Windows身份验证可以解决此问题。

相关问题
最新问题