Google Cloud Platform上的NET Core 2.1无法通过意外的数据包格式对HTTPS连接TLS握手失败进行身份验证

时间:2018-08-02 13:54:24

标签: asp.net-core .net-core google-cloud-platform asp.net-core-2.1 kestrel

我正在尝试在Google Cloud Platform中设置Web应用程序并使用https。当浏览器尝试通过https端口连接时,Kestrel报告以下内容:

Hosting environment: Development
Content root path: /home/cvanem2/abc/HelloWorldAspNetCore
Now listening on: https://localhost:5001
Now listening on: http://localhost:5000
Application started. Press Ctrl+C to shut down.
dbug: HttpsConnectionAdapter[1]
      Failed to authenticate HTTPS connection.
System.IO.IOException: The handshake failed due to an unexpected packet format.
   at System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslState.PartialFrameCallback(AsyncProtocolRequest asyncRequest)
--- End of stack trace from previous location where exception was thrown ---
   at System.Net.Security.SslState.ThrowIfExceptional()
   at System.Net.Security.SslState.InternalEndProcessAuthentication(LazyAsyncResult lazyResult)
   at System.Net.Security.SslState.EndProcessAuthentication(IAsyncResult result)
   at System.Net.Security.SslStream.EndAuthenticateAsServer(IAsyncResult asyncResult)
   at System.Net.Security.SslStream.<>c.<AuthenticateAsServerAsync>b__51_1(IAsyncResult iar)
   at System.Threading.Tasks.TaskFactory`1.FromAsyncCoreLogic(IAsyncResult iar, Func`2 endFunction, Action`1 endAction, Task`1 promise, Boolean requiresSynchronization)
--- End of stack trace from previous location where exception was thrown ---
   at Microsoft.AspNetCore.Server.Kestrel.Https.Internal.HttpsConnectionAdapter.InnerOnConnectionAsync(ConnectionAdapterContext context)ext)

我的生产代码中存在此问题,但也可以使用提供的示例代码轻松地生产。如果您具有Google Cloud Platform项目设置,则以下是有关如何重现此问题的说明:

  1. 打开GCP终端窗口
  2. sudo apt-get -y install dotnet-sdk-2.1
  3. dotnet新剃须刀-o HelloWorldAspNetCore
  4. cd HelloWorldAspNetCore /
  5. dotnet开发人员证书https
  6. dotnet运行
  7. 将“ Web预览”设置为端口5001,然后尝试打开。错误将显示在终端窗口中

相同的确切代码在Windows PC上运行良好。我还将Windows代码编译到Windows上的linux docker容器中并执行了docker。如果代码在docker中执行,则会出现问题,因此它似乎与运行.net代码的操作系统有关。我尝试使用Wireshark分析来自Docker映像的TLS数据包,但在前几个数据包之后对数据进行了加密,并且没有出现错误。任何帮助,将不胜感激。

1 个答案:

答案 0 :(得分:4)

您可以更改launchSettings.json,在https之前修改http 

"WebApplication2": {
  "commandName": "Project",
  "launchBrowser": true,
  "launchUrl": "api/values",
  "environmentVariables": {      
    "ASPNETCORE_ENVIRONMENT": "Development"
  },
  **"applicationUrl": "http://localhost:5000;https://localhost:5001"**
}
相关问题
最新问题