Live-share: The remote certificate is invalid according to the validation procedure
Issue Type: Bug
I click Join collaboration session or Start Collaboration session. I signing with Microsoft account then in VS Code I see the message "The user code is invalid or expired. Try signing in again."
Extension version: 1.0.2354
VS Code version: Code 1.44.2 (ff915844119ce9485abfe8aa9076ec76b5300ddd, 2020-04-16T17:07:18.473Z)
OS version: Darwin x64 19.5.0
System Info
|Item|Value|
|---|---|
|CPUs|Intel(R) Core(TM) i9-8950HK CPU @ 2.90GHz (12 x 2900)|
|GPU Status|2d_canvas: enabled
flash_3d: enabled
flash_stage3d: enabled
flash_stage3d_baseline: enabled
gpu_compositing: enabled
metal: disabled_off
multiple_raster_threads: enabled_on
oop_rasterization: disabled_off
protected_video_decode: unavailable_off
rasterization: enabled
skia_renderer: disabled_off_ok
video_decode: enabled
viz_display_compositor: enabled_on
viz_hit_test_surface_layer: disabled_off_ok
webgl: enabled
webgl2: enabled|
|Load (avg)|2, 2, 2|
|Memory (System)|32.00GB (16.36GB free)|
|Process Argv||
|Screen Reader|no|
|VM|0%|
abi90
All 8 comments
My OS is macOS Catalina version 10.15.5 and I'm behind a corporate proxy.
My teammates have a different OS (macOS Mojave version 10.14.6) and they can start and join a session.
Looking at the logs I found the following error:
[2020-06-19 14:18:19.111 Agent V] Creating Hub connection service with uri:https://signlr-prod.core.vsengsaas.visualstudio.com/api/signalr/signalrhub
[2020-06-19 14:18:19.194 Agent.Proxy I] Reading proxy from auto configuration url.
[2020-06-19 14:18:19.452 Agent.Proxy I] Reading proxy from auto configuration url.
[2020-06-19 14:18:20.488 Agent.Proxy W] Connecting to <https://prod.liveshare.vsengsaas.visualstudio.com/ac65be8f> via proxy failed with exception System.Net.Http.HttpRequestException: The SSL connection could not be established, see inner exception.
---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure.
at System.Net.Security.SslStream.StartSendAuthResetSignal(ProtocolToken message, AsyncProtocolRequest asyncRequest, ExceptionDispatchInfo exception)
at System.Net.Security.SslStream.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslStream.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslStream.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslStream.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslStream.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslStream.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslStream.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslStream.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslStream.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslStream.PartialFrameCallback(AsyncProtocolRequest asyncRequest)
--- End of stack trace from previous location where exception was thrown ---
at System.Net.Security.SslStream.ThrowIfExceptional()
at System.Net.Security.SslStream.InternalEndProcessAuthentication(LazyAsyncResult lazyResult)
at System.Net.Security.SslStream.EndProcessAuthentication(IAsyncResult result)
at System.Net.Security.SslStream.EndAuthenticateAsClient(IAsyncResult asyncResult)
at System.Net.Security.SslStream.<>c.<AuthenticateAsClientAsync>b__65_1(IAsyncResult iar)
at System.Threading.Tasks.TaskFactory`1.FromAsyncCoreLogic(IAsyncResult iar, Func`2 endFunction, Action`1 endAction, Task`1 promise, Boolean requiresSynchronization)
--- End of stack trace from previous location where exception was thrown ---
at System.Net.Http.ConnectHelper.EstablishSslConnectionAsyncCore(Stream stream, SslClientAuthenticationOptions sslOptions, CancellationToken cancellationToken)
--- End of inner exception stack trace ---
at System.Net.Http.ConnectHelper.EstablishSslConnectionAsyncCore(Stream stream, SslClientAuthenticationOptions sslOptions, CancellationToken cancellationToken)
at System.Net.Http.HttpConnectionPool.ConnectAsync(HttpRequestMessage request, Boolean allowHttp2, CancellationToken cancellationToken)
at System.Net.Http.HttpConnectionPool.CreateHttp11ConnectionAsync(HttpRequestMessage request, CancellationToken cancellationToken)
at System.Net.Http.HttpConnectionPool.GetHttpConnectionAsync(HttpRequestMessage request, CancellationToken cancellationToken)
at System.Net.Http.HttpConnectionPool.SendWithRetryAsync(HttpRequestMessage request, Boolean doRequestAuth, CancellationToken cancellationToken)
at System.Net.Http.HttpClient.FinishSendAsyncBuffered(Task`1 sendTask, HttpRequestMessage request, CancellationTokenSource cts, Boolean disposeCts)
at Microsoft.Cascade.Agent.DefaultWebProxy.ConnectToUriAsync(Uri targetUri, CancellationToken cancellationToken) in C:\A\vs2019mb-00003I-1\_work\38\s\src\Agent\DefaultWebProxy.cs:line 82
[2020-06-19 14:18:20.502 Agent V] Create service from factory Name: contactService-LivesharePresence Type: Agent.PresenceService.PresenceServiceProviderFactory Service Type: IContactServiceProvider Priority: 150
Also seeing this issue. I am able to use wget to access https://prod.liveshare.vsengsaas.visualstudio.com but my system curl fails. Wonder if it could be related to that.
I've got a more esoteric system though. Hacked together a setup on CentOS 6.
mill1000
on 25 Jun 2020
Rebuilt curl and libcurl to curl 7.71.0 (x86_64-pc-linux-gnu) libcurl/7.71.0 OpenSSL/1.0.2u zlib/1.2.11.
I can now connect to the above address via curl on the command line but still no luck getting past the SSL error. Hard to tell which ssl lib dotnet is actually using.
mill1000
on 26 Jun 2020
Our company's Catalina users are also seeing this (previous version of MacOS and Win10 working fine). Coworker said updating the version of .NET from 3.1.1 (auto downloaded by live-share) to 5.something seemed to solve the problem, but not sure exactly which version actually contained the fix. Would be nice to get a newer version of .NET bundled to avoid this altogether.
jmanj78
on 26 Aug 2020
@jmanj78 how did your coworker manage to change the .NET version auto downloaded by live-share?
abi90
on 2 Sep 2020
I manage to change the .NET version.
The steps I follow are:
- Open VS Code and run
command+shift+p - Type shell command and select Install code command in path
- Download and install .NET 5.0.0 from https://dotnet.microsoft.com/download/dotnet/5.0
- Open a new terminal and run
dotnet --list-runtimes - Copy the version at the right of Microsoft.NETCore.App
- Run
cd ~/Library/Application\ Support/Code/User/globalStorage/ms-vsliveshare.vsliveshare - Run
code . - In vscode project explorer rename
donet-3.1.1todonet-3.1.1_old - Run
ln -s /usr/local/share/dotnet ~/Library/Application\ Support/Code/User/globalStorage/ms-vsliveshare.vsliveshare/dotnet-3.1.1 - Run
cd ~/.vscode/extensions/ms-vsliveshare.vsliveshare-1.0.2902 - Run
code . - Search for
"3.1.1" - Replace runtime configs in the 3 files with the version from step 5 (in my case
"5.0.0-rc.1.20451.14") - Close all vs code windows
- Live share should work now
abi90
on 30 Sep 2020
@abi90 those instructions fixed my setup when nothing else could. Thank you so much!
Sam-Martin
on 2 Oct 2020
.NET 5 was finally released last week. Is there any ETA for when Live Share will upgrade from 3.1? Based on @abi90's comment, it sounds like it's a drop-in replacement.
mitchellmebane
on 18 Nov 2020
Related issues
evasgit
路
3Comments
jleider
路
3Comments
arc95
路
3Comments
Chuxel
路
3Comments
YardGnomeNinja
路
3Comments
Most helpful comment
.NET 5 was finally released last week. Is there any ETA for when Live Share will upgrade from 3.1? Based on @abi90's comment, it sounds like it's a drop-in replacement.