Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

PowerShell SSL Script in DevelopmentContainers.md needs updating #94

Open
NoralK opened this issue Apr 26, 2023 · 2 comments
Open

PowerShell SSL Script in DevelopmentContainers.md needs updating #94

NoralK opened this issue Apr 26, 2023 · 2 comments

Comments

@NoralK
Copy link

NoralK commented Apr 26, 2023

Describe the bug
The PowerShell SSL Script provided #6, under Starting working with SPFx when you run Docker locally, is erroring out.

To Reproduce
Steps to reproduce the behavior:

  1. Run the script as provided and it will produce this error
Exception calling "AuthenticateAsClient" with "1" argument(s): "A call to SSPI failed, see inner exception."
At D:\NGK\PnP\Calendar-Updated\Install-SSLCertificate.ps1:6 char:1
+ $sslStream.AuthenticateAsClient('');
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (:) [], MethodInvocationException
    + FullyQualifiedErrorId : AuthenticationException
 
Exception calling "Add" with "1" argument(s): "pCertContext is an invalid handle."
At D:\NGK\PnP\Calendar-Updated\Install-SSLCertificate.ps1:14 char:1
+ $store.add($x509Certificate);
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (:) [], MethodInvocationException
    + FullyQualifiedErrorId : CryptographicException

Expected behavior
No errors and the Cert installed into the store.

Screenshots
N/A

Desktop (please complete the following information):

  • OS: Windows 10 Ent
  • Shell PowerShell
  • Any

Additional context
To resolve the issue change line 6 from
$sslStream.AuthenticateAsClient('');
to
$sslStream.AuthenticateAsClient( $HostAddress, $null, [System.Net.SecurityProtocolType]'Tls, Tls12', $false )
@waldekmastykarz
Copy link
Member

@NoralK would you be willing to submit a PR? @shurick81 would you be willing to review the proposed solution?

@shurick81
Copy link
Contributor

shurick81 commented Jun 5, 2023
edited

Hi @NoralK it's vey curious what you are bringing up! Do you know how to replicate this issue? Can it happen when some specific TLS configuration of http client are in place?

I wonder what output you get from the following PS lines?

[Net.ServicePointManager]::SecurityProtocol
[enum]::GetNames([System.Net.SecurityProtocolType])

Here's what I get on my Win 11 machine:

PS C:\Users\asa> [Net.ServicePointManager]::SecurityProtocol
SystemDefault
PS C:\Users\asa> [enum]::GetNames([System.Net.SecurityProtocolType])
SystemDefault
Ssl3
Tls
Tls11
Tls12
Tls13

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@waldekmastykarz @shurick81 @NoralK