The certificate chain was issued by an authority that is not trusted

asp.net-core asp.net-identity entity-framework-core sql-server

Question

I studied the help here on upgrading to aspnetcore 2.1.0

My database is SQLExpress 2016SP1

I am able to add a migration but when I issue

update-database

at the Package Manager Console, I get an error

A connection was successfully established with the server, but then an error occurred during the login process.
(provider: SSL Provider, error: 0 - The certificate chain was issued by an authority that is not trusted.)

The connection string is of the form

   Server="Server=myserver;Initial Catalog=mydatabase;Trusted_Connection=True;MultipleActiveResultSets=true

The DbContext is

public class ApiDbContext : IdentityDbContext<ApplicationUser>
{
    public ApiDbContext(DbContextOptions<ApiDbContext> options)
        : base(options)
    {
    }
}

The Context Factory is

public class MyContextFactory : IDesignTimeDbContextFactory<ApiDbContext>
{
    public ApiDbContext CreateDbContext(string[] args)
    {
        var optionsBuilder = new DbContextOptionsBuilder<ApiDbContext>();
        var builder = new ConfigurationBuilder();
        builder.AddJsonFile("appsettings.json");
        var config = builder.Build();
        var connectionString = config.GetConnectionString("MyDatabase");
        optionsBuilder.UseSqlServer(connectionString);
        return new ApiDbContext(optionsBuilder.Options);
    }
}

[Update]

If I hard code the connection string inside the implementation of IDesignTimeDbContextFactory then I can run the migrations

public class MyContextFactory : IDesignTimeDbContextFactory<ApiDbContext>
{
    public ApiDbContext CreateDbContext(string[] args)
    {
        var optionsBuilder = new DbContextOptionsBuilder<ApiDbContext>();
        var connectionString =    "Server=myserver;Initial Catalog=mydatabase;Trusted_Connection=True;MultipleActiveResultSets=true";
        optionsBuilder.UseSqlServer(connectionString);
        return new ApiDbContext(optionsBuilder.Options);
    }
}

Hard coding the connection string is not desirable so I would like a better answer.

I am unclear as to why the implementation of IDesignTimeDbContextFactory is needed. (my migration does fail without it )

I have updated my Startup.cs and Progam.cs to match those of a newly generated program where the implementation is not needed.

 public class Program
 {
   public static void Main(string[] args)
    {
        CreateWebHostBuilder(args).Build().Run();
    }

    public static IWebHostBuilder CreateWebHostBuilder(string[] args) =>
        WebHost.CreateDefaultBuilder(args)
            .UseStartup<Startup>();
}

public class Startup
{
    public Startup(IConfiguration configuration)
    {
        Configuration = configuration;
    }

    public IConfiguration Configuration { get; }

    // This method gets called by the runtime. Use this method to add services to the container.
    public void ConfigureServices(IServiceCollection services)
    {
        services.Configure<CookiePolicyOptions>(options =>
        {
            options.CheckConsentNeeded = context => true;
            options.MinimumSameSitePolicy = SameSiteMode.None;
        });

        services.AddDbContext<ApiDbContext>(options =>
            options.UseSqlServer(
                Configuration.GetConnectionString("MyDatabase")));
        services.AddDefaultIdentity<IdentityUser>()
            .AddEntityFrameworkStores<ApiDbContext>();

services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_1); }

    // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
    public void Configure(IApplicationBuilder app, IHostingEnvironment env)
    {
        if (env.IsDevelopment())
        {
            app.UseDeveloperExceptionPage();
            app.UseDatabaseErrorPage();

        }
        else
        {
            app.UseExceptionHandler("/Error");
            app.UseHsts();
        }

        app.UseHttpsRedirection();
        app.UseStaticFiles();
        app.UseCookiePolicy();
        app.UseAuthentication();
        app.UseMvc();
    }
}

[Update]

I updated to VS2017 version 15.7.3. When I went to repeat the problem and create the first migration, PM displayed the message

The configuration file 'appsettings.json' was not found and is not optional

When I marked this file copy always then both the add-migration and the update-database worked.

1
3
6/11/2018 9:26:42 PM

Accepted Answer

Try adding TrustServerCertificate=True to the connection string, as per This StackOverflow post

3
6/11/2018 4:35:54 PM

Popular Answer

Setting "TrustServerCertificate=True" and using Windows Authentication resolved this for me.



Related Questions





Related

Licensed under: CC-BY-SA with attribution
Not affiliated with Stack Overflow
Licensed under: CC-BY-SA with attribution
Not affiliated with Stack Overflow