AuthenticationException: The remote certificate is invalid because of errors in the certificate chain: UntrustedRoot, NotValidTime

Question

I am consistenly receiving the following error when developing and authenticating locally in Visual Studio:

AuthenticationException: The remote certificate is invalid because of errors in the certificate chain: NotValidTime, UntrustedRoot

Among others, it happens when using HttpClient to call one of our backend-endpoints (localhost) from one of our projects, so it all happens locally.

The certificate was signed/valid from this date last year, and has now run out after a year. None of the other developers on my team are receiving it or had the same problem.

I have then tried a lot of stuff, among others:

dotnet dev-certs https --clean, dotnet dev-certs https and dotnet dev-certs https --trust, which sucessfully updated/re-created a certificate that expires in 2023 - still doesn't work/still receiving the same error though.
Updating certificate in Microsoft Management Console as per these links
- https://stackoverflow.com/a/5427149/16805816
- IdentityServer: The remote certificate is invalid according to the validation procedure

We don't have a centralized authentication procedure - it is spread around the system in various places and scenarios, so I am not able to use workarounds like if #DEBUG... //then ignore certificates. I need to generate a valid certificate correctly.

score 8 · Accepted Answer · answered Aug 19 '22 at 10:43

8

Cleaning all private keys from the following folder did the trick (I only had one, that I just renamed, which did the trick):

C:\Users\{User}\AppData\Roaming\ASP.NET\Https

Credit to this SO-post answer for the solution.

answered Aug 19 '22 at 10:43

mnc

388
1
2
11

1

jade serpent guide you – Emir Kılınç Nov 29 '22 at 13:59

Robert · Answer 2 · 2022-08-19T10:29:00.170

4

Delete your offending localhost certificates:

Control Panel -> Internet Options - > Content tab.

Click Certificates and remove the ones you no longer require.
Click the Clear SSL State button.

Follow instructions here to recreate new certificate for each of your localhost sites, paying attention to the port number:

https://improveandrepeat.com/2020/05/recreate-the-self-signed-https-certificate-for-localhost-in-iis-express

edited Aug 19 '22 at 10:29

answered Aug 19 '22 at 09:47

Robert

103
7

Thanks a lot for the help. The problem has been solved in the meanwhile, and I have posted the solution I used in another answer, in case you are interested. I didn't get to try your solution in time, so that may also have worked. – mnc Aug 19 '22 at 10:44
1

I had the same issue this morning and my solution worked for me. Yours looks easier though! – Robert Aug 19 '22 at 17:04

score 0 · Answer 3 · edited Apr 29 '23 at 20:00

0

First enter these two commands

dotnet dev-certs https --clean
dotnet dev-certs https --trust

Then delete all the files in this path:

C:\Users\{User Name}\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb

edited Apr 29 '23 at 20:00

Jeremy Caney

7,102
69
48
77

answered Apr 27 '23 at 09:49

javad noruzi

1
1

AuthenticationException: The remote certificate is invalid because of errors in the certificate chain: UntrustedRoot, NotValidTime

3 Answers3

Linked