HTTPS mode issues

bartnetjs · November 16, 2017, 12:19pm

I enabled https but have some issue

I had to run radzen in administrative mode otherwise I got permission issues on the self signed certificate (only the first time)
when the app call the rest endpoint a "ERR_SSL_PROTOCOL_ERROR" was returned and the output console in radzen logs:

info: Microsoft.AspNetCore.Server.Kestrel[17]
      Connection id "0HL9CT4LCCLCF" bad request data: "Invalid request line: <0x16><0x03><0x01><0x00><0xC0><0x01><0x00><0x00><0xBC><0x03><0x03><0x0C><0x8D>/<0xB9>&$/?[;}<0xC6><0xA8><0x96><0xB8><0xAD><0xB3><0xF2>TtU..."
Microsoft.AspNetCore.Server.Kestrel.BadHttpRequestException: Invalid request line: <0x16><0x03><0x01><0x00><0xC0><0x01><0x00><0x00><0xBC><0x03><0x03><0x0C><0x8D>/<0xB9>&$/?[;}<0xC6><0xA8><0x96><0xB8><0xAD><0xB3><0xF2>TtU...

Sidenote:

I had change the the following by hand when switching between http and https:

"schemes": [
"http"
]
Otherwise the rest call was still over http instead of https

korchev · November 16, 2017, 7:48pm

Yes, at the moment the ASP.NET Core app doesn’t run with HTTPS enabled and this is why there is a warning in the browser. We will look into this.

korchev · November 17, 2017, 9:17am

Hi @bartnetjs!

I’ve managed to get HTTPS running with the .NET Core application. There is something I would like to get your feedback on though. How should Radzen handle deployment of HTTPS applications? There is more than one way we could do it:

We can expect developers to overwrite the self-signed certificate that Radzen generates with the production one and expose extensibility API to set any passwords which the certificate may require. This has one problem though - the Angular CLI doesn’t work with p12 (pfx) certificates and one would have to manually create them via openssl.
We can ask for the production certificate and password in the deploy dialog.

What do you think? What would be more convenient?

-Atanas

bartnetjs · November 17, 2017, 9:30am

hi @korchev

I would go for option 2 (or let a user save the location where you also enable the https option).
But, mostly (in my case), I create a certificate and upload it to the (azure) site.
Here is a link how you can do it with the azure cli:

were you able to run local without the "ERR_SSL_PROTOCOL_ERROR" error?

korchev · November 17, 2017, 9:53am

were you able to run local without the “ERR_SSL_PROTOCOL_ERROR” error?

Yes, we have to implement the production deployment feature first though in order to be complete. Otherwise you would have to uncheck HTTPS before publishing to Azure (which may also work I guess). I can send you an interim build if you would like to test. Let me know.

bartnetjs · November 17, 2017, 9:57am

Indeed without HTTPS it works, but I only run in https (public cloud)
If I can help to test your interim build, sure

korchev · November 17, 2017, 2:28pm

You can download the build from here.

Some caveats:

The certificates are self-signed and browsers will display warnings unless you trust them. Needless to say those certificates should not be used in production.
Before deployment you have to disable HTTPS. If you have setup HTTPS in Azure it should work as expected.

geraldmuller · May 1, 2019, 10:45am

The error message ERR_SSL_PROTOCOL_ERROR error indicates that the browser is not able to initiate the secured communication at the moment. It's almost impossible to pin it down to a single cause, it could be almost anything. There is no definite guide for managing this error. However, there are few changes or settings which help you to get rid you of this error.

```
Configure Correct Date and Time
```
```
Clear Browsing Data
```
```
Clear Your SSL State
```
```
Disable QUIC Protocol of Chrome
```

Disable your Internet Browser Extensions

Adjust Your Internet Security and Privacy Level

```
Remove your system's hosts file
```
```
Check Your Antivirus Settings
```
```
Check Your Firewall
```

lyra · March 3, 2025, 6:11am

When there is an issue with the SSL protocol that generates an encrypted connection between a website’s browser and the server, the error code ERR_SSL_PROTOCOL_ERROR usually occurs. An outdated browser or OS (operating system), an invalid SSL certificate, or an improper SSL setup on the server side may cause this error.

Your browser will often provide an alert when this phenomenon occurs: “Your connection is not private” or “This site can’t provide a secure connection.” There are many methods to solve the error; you need to understand them in detail.