Я установил пару docker контейнеров для SPA и net core api app.
Текущий поток выполнения:
legacy web -> legacy app1 api -> calls net core api app with https -> calls different net core api app without https
Legacy веб-приложение использует https через root ca компании и промежуточное root ca.
API Netcore использует сертификат makecert, чей root CA был импортирован в устаревшую машину app1.
Запрос от устаревшего API к API Netcore (с использованием https) в настоящее время не выполняется, несмотря на то, что root CA компании импортировал в контейнер. (Я могу сделать openssl на устаревшем веб-приложении из контейнера. Я также могу открыть конечные точки https ядра API net на сервере, где старое приложение размещено в браузере. Обе операции не возвращают ошибок).
Тем не менее, во время выполнения я получаю 500 из устаревшего приложения 1.
Осматривая контейнер API Netcore, я мог видеть это
[18:28:45 DBG] Called the action method MyDomainObject/1 on the endpoint myHttpURl/api/v1/,
[18:28:45 DBG] Calling the action method MyDomainObject/1 on the endpoint myHttpURl/api/v1/ returned a valid result,
[18:28:45 DBG] Calling the action method MyDomainObject/1 on the endpoint myHttpURl/api/v1/ returned the result MyCompany.MyApp1.MyApp2.PojoModels.V1.MyDomainObjectHeaderModel,
[18:28:45 DBG] Calling the action method MyDomainObject/1 on the endpoint myHttpURl/api/v1/: disposing of the response object,
[18:28:45 DBG] Calling the action method MyDomainObject/1 on the endpoint myHttpURl/api/v1/: disposed of the response object,
[18:28:45 DBG] List of registered output formatters, in the following order: ["Microsoft.AspNetCore.Mvc.Formatters.HttpNoContentOutputFormatter", "Microsoft.AspNetCore.Mvc.Formatters.StringOutputFormatter", "Microsoft.AspNetCore.Mvc.Formatters.StreamOutputFormatter", "Microsoft.AspNetCore.Mvc.Formatters.NewtonsoftJsonOutputFormatter"],
[18:28:45 DBG] No information found on request to perform content negotiation.,
[18:28:45 DBG] Attempting to select an output formatter without using a content type as no explicit content types were specified for the response.,
[18:28:45 DBG] Attempting to select the first formatter in the output formatters list which can write the result.,
[18:28:45 DBG] Selected output formatter 'Microsoft.AspNetCore.Mvc.Formatters.NewtonsoftJsonOutputFormatter' and content type 'application/json' to write the response.,
[18:28:45 INF] Executing ObjectResult, writing value of type 'MyCompany.MyApp2.PojoModels.V1.MyDomainObjectHeaderModel'.,
[18:28:45 INF] Executed action MyCompany.MyApp2.Api.Controllers.MyDomainObjectController.Get (MyCompany.MyApp2.Api) in 246.1406ms,
[18:28:45 INF] Executed endpoint 'MyCompany.MyApp2.Api.Controllers.MyDomainObjectController.Get (MyCompany.MyApp2.Api)',
[18:28:45 INF] Request finished in 252.294ms 200 application/json; charset=utf-8,
[18:28:50 DBG] Connection id "0HLU53APCEOQ4" received FIN.,
[18:28:50 DBG] Connection id "0HLU53APCEOQ4" is closed. The last processed stream ID was 3.,
[18:28:50 DBG] Connection id "0HLU53APCEOQ4" sending FIN because: "The client closed the connection.",
[18:28:50 DBG] Connection id "0HLU53APCEOQ4" stopped.,
[18:29:26 DBG] Connection id "0HLU53APCEOQ5" accepted.,
[18:29:26 DBG] Connection id "0HLU53APCEOQ5" started.,
[18:29:26 DBG] Connection id "0HLU53APCEOQ5" received FIN.,
[18:29:26 DBG] Connection id "0HLU53APCEOQ5" sending FIN because: "The client closed the connection.",
[18:29:26 DBG] Connection id "0HLU53APCEOQ5" request processing ended abnormally.,
System.IO.IOException: The decryption operation failed, see inner exception.,
---> Interop+OpenSsl+SslException: Decrypt failed with OpenSSL error - SSL_ERROR_SSL.,
---> Interop+Crypto+OpenSslCryptographicException: error:14094418:SSL routines:ssl3_read_bytes:tlsv1 alert unknown ca,
--- End of inner exception stack trace ---,
at Interop.OpenSsl.Decrypt(SafeSslHandle context, Byte[] outBuffer, Int32 offset, Int32 count, SslErrorCode& errorCode),
at System.Net.Security.SslStreamPal.EncryptDecryptHelper(SafeDeleteContext securityContext, ReadOnlyMemory`1 input, Int32 offset, Int32 size, Boolean encrypt, Byte[]& output, Int32& resultSize),
--- End of inner exception stack trace ---,
at System.Net.Security.SslStream.ReadAsyncInternal[TReadAdapter](TReadAdapter adapter, Memory`1 buffer),
at System.IO.Pipelines.StreamPipeReader.ReadAsync(CancellationToken cancellationToken),
at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.Http.HttpProtocol.ProcessRequests[TContext](IHttpApplication`1 application),
at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.Http.HttpProtocol.ProcessRequestsAsync[TContext](IHttpApplication`1 application),
Что я делать неправильно?