IdentityServer4: publish to IIS and return internal server error to client but fine in development mode

Created on 1 Apr 2017  ·  10 Comments  ·  Source: IdentityServer/IdentityServer4

I followed the sample setup (the client_credentials sample and the Entity Framework sample) to do the work, and everything loads fine in development mode on my PC.
After I published this IdentityServer to IIS and used HTTPS, I used the client API call var disco = await DiscoveryClient.GetAsync("https://identityserver.grandnewmaterials.com"); and the disco's message said:
Error connecting to https://identityserver.grandnewmaterials.com/.well-known/openid-configuration/jwks: Internal Server Error
What is the issue?
And why does the "cors" post on your webpage have no content? Is my issue about CORS?
And how can I fix my situation?

All 10 comments

There's not enough to go on here. You need to check your logs.

@brockallen By the log, do you mean the IIS log or the program log?
I tried to access https://identityserver.grandnewmaterials.com/.well-known/openid-configuration and it is OK,
but https://identityserver.grandnewmaterials.com/.well-known/openid-configuration/jwks returns 500.
How do I get the detailed error message?

I'd suggest looking in all the logs until you find the error message that should have been written for the 500.

@brockallen
Well, thanks for the tips. Here is the log message:
When I access https://identityserver.grandnewmaterials.com/.well-known/openid-configuration, it is 200 OK:
2017-04-01 23:20:19.704 +08:00 [Debug] Found ["openid", "profile", "api1"] as all scopes in database
2017-04-01 23:20:19.711 +08:00 [Verbose] Invoking result: "IdentityServer4.Endpoints.Results.DiscoveryDocumentResult"
2017-04-01 23:20:20.083 +08:00 [Information] Request finished in 1584.8941ms 200 application/json

Then I access https://identityserver.grandnewmaterials.com/.well-known/openid-configuration/jwks, and the 500 error message shows here:
2017-04-01 23:20:42.704 +08:00 [Information] Request starting HTTP/1.1 GET http://identityserver.grandnewmaterials.com/.well-known/openid-configuration/jwks
2017-04-01 23:20:42.705 +08:00 [Debug] Request path "/.well-known/openid-configuration/jwks" matched to endpoint type Discovery
2017-04-01 23:20:42.705 +08:00 [Debug] Mapping found for endpoint: Discovery, creating handler: "IdentityServer4.Endpoints.DiscoveryEndpoint"
2017-04-01 23:20:42.706 +08:00 [Information] Invoking IdentityServer endpoint: "IdentityServer4.Endpoints.DiscoveryEndpoint" for "/.well-known/openid-configuration/jwks"
2017-04-01 23:20:42.706 +08:00 [Verbose] Processing discovery request.
2017-04-01 23:20:42.710 +08:00 [Debug] Start key discovery request
2017-04-01 23:20:42.774 +08:00 [Fatal] Unhandled exception: "Internal.Cryptography.CryptoThrowHelper+WindowsCryptographicException: 找不到对象。
   at System.Security.Cryptography.CngKeyLite.GenerateNewExportableKey(String algorithm, Int32 keySize)
   at System.Security.Cryptography.RSAImplementation.RSACng.GetDuplicatedKeyHandle()
   at System.Security.Cryptography.RSAImplementation.RSACng.ExportKeyBlob(Boolean includePrivateParameters)
   at System.Security.Cryptography.RSAImplementation.RSACng.ExportParameters(Boolean includePrivateParameters)
   at IdentityServer4.ResponseHandling.DiscoveryResponseGenerator.<CreateJwkDocumentAsync>d__9.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at IdentityServer4.Endpoints.DiscoveryEndpoint.<ExecuteJwksAsync>d__6.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at IdentityServer4.Hosting.IdentityServerMiddleware.<Invoke>d__4.MoveNext()"
2017-04-01 23:20:42.779 +08:00 [Error] Connection id ""0HL3P2ADGJI4E"": An unhandled exception was thrown by the application.
Internal.Cryptography.CryptoThrowHelper+WindowsCryptographicException: 找不到对象。
   at System.Security.Cryptography.CngKeyLite.GenerateNewExportableKey(String algorithm, Int32 keySize)
   at System.Security.Cryptography.RSAImplementation.RSACng.GetDuplicatedKeyHandle()
   at System.Security.Cryptography.RSAImplementation.RSACng.ExportKeyBlob(Boolean includePrivateParameters)
   at System.Security.Cryptography.RSAImplementation.RSACng.ExportParameters(Boolean includePrivateParameters)
   at IdentityServer4.ResponseHandling.DiscoveryResponseGenerator.<CreateJwkDocumentAsync>d__9.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at IdentityServer4.Endpoints.DiscoveryEndpoint.<ExecuteJwksAsync>d__6.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at IdentityServer4.Hosting.IdentityServerMiddleware.<Invoke>d__4.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   at IdentityServer4.Hosting.IdentityServerMiddleware.<Invoke>d__4.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at IdentityServer4.Hosting.FederatedSignOutMiddleware.<Invoke>d__6.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at IdentityServer4.Hosting.AuthenticationMiddleware.<Invoke>d__2.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware1.d__18.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware1.<Invoke>d__18.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware1.d__18.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware1.<Invoke>d__18.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at Microsoft.AspNetCore.Cors.Infrastructure.CorsMiddleware.<Invoke>d__7.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at IdentityServer4.Hosting.BaseUrlMiddleware.<Invoke>d__2.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at Microsoft.AspNetCore.Server.IISIntegration.IISMiddleware.<Invoke>d__8.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at Microsoft.AspNetCore.Hosting.Internal.RequestServicesContainerMiddleware.<Invoke>d__3.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at Microsoft.AspNetCore.Server.Kestrel.Internal.Http.Frame1.d__2.MoveNext()
2017-04-01 23:20:42.802 +08:00 [Information] Request finished in 97.6057ms 500

Looks like you have some problem from your app pool identity not being able to get access to the signing certificate.

@brockallen, so is there any suggestion or solution for me to try to solve it?

No suggestion, other than I think that's the area to focus on.

Uh, got it~ I tried restarting the cloud system, but still no use. If there is something I can help you with, please call me. About 12 days later, I will try to reset this cloud server to a clean system and try this sample Identity Server 4 component.

@brockallen Excited to tell you that I solved this problem by changing this IIS setting:
Open IIS7 --> Application Pools --> YourAppPool --> Right Click --> Advanced Settings --> Load User Profile, and set this value to true
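
The setting change described in the comment above, scripted with the WebAdministration module and followed by a re-test of the JWKS endpoint; this is an added example, not part of the original thread. The pool name `YourAppPool` is the thread's placeholder and the base URL is the one the poster used, so replace both for your own host.

```powershell
# Added example (not from the thread): check "Load User Profile" on the app pool,
# enable it if needed, recycle the pool, then re-test the JWKS endpoint that
# returned 500. Run in an elevated PowerShell session on the IIS host.
param(
    [string]$PoolName = 'YourAppPool',                                  # placeholder from the thread
    [string]$BaseUrl  = 'https://identityserver.grandnewmaterials.com'  # URL used by the poster
)

Import-Module WebAdministration

$poolPath = "IIS:\AppPools\$PoolName"
if (-not (Test-Path $poolPath)) {
    throw "Application pool '$PoolName' not found."
}

# Report which identity the pool runs as and whether its profile is loaded.
$pm = (Get-Item $poolPath).processModel
Write-Host "Pool identity: $($pm.identityType); loadUserProfile: $($pm.loadUserProfile)"

if (-not $pm.loadUserProfile) {
    # Same switch as Advanced Settings -> Load User Profile in IIS Manager.
    Set-ItemProperty $poolPath -Name processModel.loadUserProfile -Value $true
    Restart-WebAppPool -Name $PoolName
    Write-Host "Enabled loadUserProfile and recycled '$PoolName'."
}

# The discovery document worked in the thread; the JWKS document is the one
# that needs the signing key, so that is the endpoint to verify.
$jwksUrl = "$BaseUrl/.well-known/openid-configuration/jwks"
try {
    $resp = Invoke-WebRequest -Uri $jwksUrl -UseBasicParsing
    $keys = ($resp.Content | ConvertFrom-Json).keys
    Write-Host "JWKS returned $($resp.StatusCode) with $(@($keys).Count) key(s)."
} catch {
    Write-Warning "JWKS request still failing: $($_.Exception.Message). Check the application log for the exception."
}
```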

This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.