HTTPS mode issues

I enabled https but have some issue

  • I had to run radzen in administrative mode otherwise I got permission issues on the self signed certificate (only the first time)
  • when the app call the rest endpoint a "ERR_SSL_PROTOCOL_ERROR" was returned and the output console in radzen logs:
info: Microsoft.AspNetCore.Server.Kestrel[17]
      Connection id "0HL9CT4LCCLCF" bad request data: "Invalid request line: <0x16><0x03><0x01><0x00><0xC0><0x01><0x00><0x00><0xBC><0x03><0x03><0x0C><0x8D>/<0xB9>&$/?[;}<0xC6><0xA8><0x96><0xB8><0xAD><0xB3><0xF2>TtU..."
Microsoft.AspNetCore.Server.Kestrel.BadHttpRequestException: Invalid request line: <0x16><0x03><0x01><0x00><0xC0><0x01><0x00><0x00><0xBC><0x03><0x03><0x0C><0x8D>/<0xB9>&$/?[;}<0xC6><0xA8><0x96><0xB8><0xAD><0xB3><0xF2>TtU...

Sidenote:

I had change the the following by hand when switching between http and https:

"schemes": [
"http"
]
Otherwise the rest call was still over http instead of https

Yes, at the moment the ASP.NET Core app doesn’t run with HTTPS enabled and this is why there is a warning in the browser. We will look into this.

Hi @bartnetjs!

I’ve managed to get HTTPS running with the .NET Core application. There is something I would like to get your feedback on though. How should Radzen handle deployment of HTTPS applications? There is more than one way we could do it:

  1. We can expect developers to overwrite the self-signed certificate that Radzen generates with the production one and expose extensibility API to set any passwords which the certificate may require. This has one problem though - the Angular CLI doesn’t work with p12 (pfx) certificates and one would have to manually create them via openssl.
  2. We can ask for the production certificate and password in the deploy dialog.

What do you think? What would be more convenient?

-Atanas

hi @korchev

I would go for option 2 (or let a user save the location where you also enable the https option).
But, mostly (in my case), I create a certificate and upload it to the (azure) site.
Here is a link how you can do it with the azure cli:

were you able to run local without the "ERR_SSL_PROTOCOL_ERROR" error?

were you able to run local without the “ERR_SSL_PROTOCOL_ERROR” error?

Yes, we have to implement the production deployment feature first though in order to be complete. Otherwise you would have to uncheck HTTPS before publishing to Azure (which may also work I guess). I can send you an interim build if you would like to test. Let me know.

Indeed without HTTPS it works, but I only run in https (public cloud)
If I can help to test your interim build, sure

You can download the build from here.

Some caveats:

  • The certificates are self-signed and browsers will display warnings unless you trust them. Needless to say those certificates should not be used in production.
  • Before deployment you have to disable HTTPS. If you have setup HTTPS in Azure it should work as expected.

The error message ERR_SSL_PROTOCOL_ERROR error indicates that the browser is not able to initiate the secured communication at the moment. It's almost impossible to pin it down to a single cause, it could be almost anything. There is no definite guide for managing this error. However, there are few changes or settings which help you to get rid you of this error.

  • Configure Correct Date and Time
    
  • Clear Browsing Data
    
  • Clear Your SSL State
    
  • Disable QUIC Protocol of Chrome
    
  • Disable your Internet Browser Extensions
    
  • Adjust Your Internet Security and Privacy Level
    
  • Remove your system's hosts file
    
  • Check Your Antivirus Settings
    
  • Check Your Firewall