我正在使用 Visual Studio 开发 .net Core 7 API。我启用了 HttpsRedirection,一切看起来都很好,直到我突然开始从浏览器中收到此错误:NET::ERR_CERT_AUTHORITY_INVALID。
我在CMD管理员模式下尝试了以下命令来信任证书:
dotnet dev-certs https --trust -v
该命令产生以下输出:
Trusting the HTTPS development certificate was requested. A confirmation prompt will be displayed if the certificate was not previously trusted. Click yes on the prompt to trust the certificate.
[1] Listing certificates from CurrentUser\My
[2] Found certificates: 1 certificate
1) DECC86D14FE509AFF72B64EE601B09D67F7558DC - CN=localhost - Valid from 2023-11-14 10:31:38Z to 2024-11-13 10:31:38Z - IsHttpsDevelopmentCertificate: true - IsExportable: true
[3] Checking certificates validity
[4] Valid certificates: 1 certificate
1) DECC86D14FE509AFF72B64EE601B09D67F7558DC - CN=localhost - Valid from 2023-11-14 10:31:38Z to 2024-11-13 10:31:38Z - IsHttpsDevelopmentCertificate: true - IsExportable: true
[5] Invalid certificates: no certificates
[6] Finished listing certificates.
[1] Listing certificates from LocalMachine\My
[2] Found certificates: no certificates
[3] Checking certificates validity
[4] Valid certificates: no certificates
[5] Invalid certificates: no certificates
[6] Finished listing certificates.
[8] Filtered certificates: 1 certificate
1) DECC86D14FE509AFF72B64EE601B09D67F7558DC - CN=localhost - Valid from 2023-11-14 10:31:38Z to 2024-11-13 10:31:38Z - IsHttpsDevelopmentCertificate: true - IsExportable: true
[9] Excluded certificates: no certificates
[14] Valid certificates: 1 certificate
1) DECC86D14FE509AFF72B64EE601B09D67F7558DC - CN=localhost - Valid from 2023-11-14 10:31:38Z to 2024-11-13 10:31:38Z - IsHttpsDevelopmentCertificate: true - IsExportable: true
[15] Selected certificate: DECC86D14FE509AFF72B64EE601B09D67F7558DC - CN=localhost - Valid from 2023-11-14 10:31:38Z to 2024-11-13 10:31:38Z - IsHttpsDevelopmentCertificate: true - IsExportable: true
[29] Trusting the certificate to: DECC86D14FE509AFF72B64EE601B09D67F7558DC - CN=localhost - Valid from 2023-11-14 10:31:38Z to 2024-11-13 10:31:38Z - IsHttpsDevelopmentCertificate: true - IsExportable: true.
[45] Adding certificate to the trusted root certification authority store.
[31] An error has occurred while trusting the certificate: System.Security.Cryptography.CryptographicException: Access is denied.
at System.Security.Cryptography.X509Certificates.StorePal.Add(ICertificatePal certificate)
at Microsoft.AspNetCore.Certificates.Generation.WindowsCertificateManager.TrustCertificateCore(X509Certificate2 certificate)
at Microsoft.AspNetCore.Certificates.Generation.CertificateManager.TrustCertificate(X509Certificate2 certificate).
There was an error trusting HTTPS developer certificate.
我是计算机的管理员,并已检查我是否对以下文件夹具有完全读/写访问权限:
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys
我还尝试在信任之前先清理证书:
dotnet dev-certs https --clean
dotnet dev-certs https --trust
我还从 certlm.msc 中删除了所有本地主机证书并成功重新创建了它们,但是,当尝试信任该证书时,“访问被拒绝”错误仍然存在。
如何修复/查找有关错误的更多详细信息?
我已经解决了这个问题,如下:
在 API 上启用 Swagger
在浏览器中打开 API Swagger URL
此阶段浏览器提示安全证书有问题 - 点击继续访问此网站/高级>继续。
我必须在每个浏览器中单独进行。我不认为它解决了实际问题,但它现在正在工作!