none
Azure Functions using App Service Plan: The remote certificate is invalid according to the validation procedure RRS feed

  • Question

  • I have problem connecting remote FTP server using certificates on Azure Functions using App Service Plan, got the exception below:

    > The remote certificate is invalid according to the validation
    > procedure. System.Exception
    > System.Security.Authentication.AuthenticationException

    Below is my **setup on Azure Functions**

    1.Two public certificates have been uploaded to Azure Functions like below by following the link below:

    https://docs.microsoft.com/en-us/azure/app-service/app-service-web-ssl-cert-load

    Please note the location above, `App Service Plan` is used, so should it be `LocalMachine\My`?

    > This setting places the specified certificates in the Current User\My
    > store for most pricing tiers, but in the Isolated tier (i.e. app runs
    > in an App Service Environment), it places the certificates in the
    > Local Machine\My store.

    https://docs.microsoft.com/en-us/azure/app-service/app-service-web-ssl-cert-load


    2.The code below is also used to load the certificate on Azure Functions.

    https://docs.microsoft.com/en-us/azure/app-service/app-service-web-ssl-cert-load#load-the-certificate-in-code

        X509Store certStore = new X509Store(StoreName.My, StoreLocation.CurrentUser);
        certStore.Open(OpenFlags.ReadOnly);
        X509Certificate2Collection certCollection = certStore.Certificates.Find(
                                    X509FindType.FindByThumbprint,
                                    // Replace below with your certificate's thumbprint
                                    "E661583E8FABEF4C0BEF694CBC41C28FB81CD870",
                                    false);
        // Get the first cert with the thumbprint
        if (certCollection.Count > 0)
        {
            X509Certificate2 cert = certCollection[0];
            // Use certificate
            Console.WriteLine(cert.FriendlyName);
        }
        certStore.Close();

    Below is my **setup locally**

    It has no problem connecting to remote FTP server on my local machine using the code below, in combination of the two certificate setup on my local machine below

         private X509Certificate2 GetX509Certificate2FromFile()
            {
                return new X509Certificate2(Path.Combine("myCert.cer"));
            }


    **Root CA certificate** is installed under `Trusted Root Certificate Authorities` folder

    **Issuing CA certificate** installed under `Intermediate Certificated Authorities` folder

    • Edited by Pingpong689 Tuesday, September 17, 2019 11:04 AM
    Tuesday, September 17, 2019 11:03 AM

All replies