Mam kilka witryn działających w systemie Azure, intensywnie korzystających z ServiceBus (również hostowanych na Azure), wszystkie w jednym regionie.Okresowy błąd ServiceBus "Certyfikat X.509 CN = servicebus.windows.net nie znajduje się w magazynie zaufanych osób" podczas korzystania z serwisów Azure WebSites
Czasami (raz na 2-3 dni) Mam ten sam błąd na wszystkich stronach internetowych w tym samym czasie (podczas odczytu/czekając na wiadomości):
Microsoft.ServiceBus.Messaging.MessagingCommunicationException:
The X.509 certificate CN=servicebus.windows.net is not in the trusted people store.
The X.509 certificate CN=servicebus.windows.net chain building failed.
The certificate that was used has a trust chain that cannot be verified.
Replace the certificate or change the certificateValidationMode.
A certificate chain could not be built to a trusted root authority.
Pełna StackTrace:
Microsoft.ServiceBus.Messaging.MessagingCommunicationException: The X.509 certificate CN=servicebus.windows.net is not in the trusted people store. The X.509 certificate CN=servicebus.windows.net chain building failed. The certificate that was used has a trust chain that cannot be verified. Replace the certificate or change the certificateValidationMode. A certificate chain could not be built to a trusted root authority.
---> System.ServiceModel.Security.SecurityNegotiationException: The X.509 certificate CN=servicebus.windows.net is not in the trusted people store. The X.509 certificate CN=servicebus.windows.net chain building failed. The certificate that was used has a trust chain that cannot be verified. Replace the certificate or change the certificateValidationMode. A certificate chain could not be built to a trusted root authority.
---> System.IdentityModel.Tokens.SecurityTokenValidationException: The X.509 certificate CN=servicebus.windows.net is not in the trusted people store. The X.509 certificate CN=servicebus.windows.net chain building failed. The certificate that was used has a trust chain that cannot be verified. Replace the certificate or change the certificateValidationMode. A certificate chain could not be built to a trusted root authority.
at System.Net.Security.SslState.InternalEndProcessAuthentication(LazyAsyncResult lazyResult)
at System.Net.Security.SslState.EndProcessAuthentication(IAsyncResult result)
at System.Net.Security.SslStream.EndAuthenticateAsClient(IAsyncResult asyncResult)
at System.ServiceModel.Channels.SslStreamSecurityUpgradeInitiator.InitiateUpgradeAsyncResult.OnCompleteAuthenticateAsClient(IAsyncResult result)
--- End of inner exception stack trace ---
Server stack trace:
at Microsoft.ServiceBus.Messaging.Channels.SharedChannel`1.CreateChannelAsyncResult.<GetAsyncSteps>d__7.MoveNext()
at Microsoft.ServiceBus.Messaging.IteratorAsyncResult`1.EnumerateSteps(CurrentThreadType state)
at Microsoft.ServiceBus.Messaging.IteratorAsyncResult`1.StepCallback(IAsyncResult result)
at Microsoft.ServiceBus.Common.AsyncResult.AsyncCompletionWrapperCallback(IAsyncResult result)
Exception rethrown at [0]:
at Microsoft.ServiceBus.Common.AsyncResult.End[TAsyncResult](IAsyncResult result)
at Microsoft.ServiceBus.Common.AsyncResult`1.End(IAsyncResult asyncResult)
at Microsoft.ServiceBus.Messaging.Channels.SharedChannel`1.OnEndCreateInstance(IAsyncResult asyncResult)
at Microsoft.ServiceBus.Messaging.SingletonManager`1.EndGetInstance(IAsyncResult asyncResult)
at Microsoft.ServiceBus.Messaging.Channels.ReconnectBindingElement.ReconnectChannelFactory`1.RequestSessionChannel.RequestAsyncResult.<GetAsyncSteps>b__2(RequestAsyncResult thisPtr, IAsyncResult r)
at Microsoft.ServiceBus.Messaging.IteratorAsyncResult`1.StepCallback(IAsyncResult result)
Exception rethrown at [1]:
at Microsoft.ServiceBus.Common.AsyncResult.End[TAsyncResult](IAsyncResult result)
at Microsoft.ServiceBus.Common.AsyncResult`1.End(IAsyncResult asyncResult)
at Microsoft.ServiceBus.Messaging.Channels.ReconnectBindingElement.ReconnectChannelFactory`1.RequestSessionChannel.EndRequest(IAsyncResult result)
at Microsoft.ServiceBus.Messaging.Sbmp.RedirectBindingElement.RedirectContainerChannelFactory`1.RedirectContainerSessionChannel.RequestAsyncResult.<>c__DisplayClass17.<GetAsyncSteps>b__a(RequestAsyncResult thisPtr, IAsyncResult r)
at Microsoft.ServiceBus.Messaging.IteratorAsyncResult`1.StepCallback(IAsyncResult result)
Exception rethrown at [2]:
at Microsoft.ServiceBus.Common.AsyncResult.End[TAsyncResult](IAsyncResult result)
at Microsoft.ServiceBus.Common.AsyncResult`1.End(IAsyncResult asyncResult)
at Microsoft.ServiceBus.Messaging.Sbmp.RedirectBindingElement.RedirectContainerChannelFactory`1.RedirectContainerSessionChannel.EndRequest(IAsyncResult result)
at Microsoft.ServiceBus.Messaging.Channels.ReconnectBindingElement.ReconnectChannelFactory`1.RequestSessionChannel.RequestAsyncResult.<GetAsyncSteps>b__4(RequestAsyncResult thisPtr, IAsyncResult r)
at Microsoft.ServiceBus.Messaging.IteratorAsyncResult`1.StepCallback(IAsyncResult result)
Exception rethrown at [3]:
at Microsoft.ServiceBus.Common.AsyncResult.End[TAsyncResult](IAsyncResult result)
at Microsoft.ServiceBus.Common.AsyncResult`1.End(IAsyncResult asyncResult)
at Microsoft.ServiceBus.Messaging.Channels.ReconnectBindingElement.ReconnectChannelFactory`1.RequestSessionChannel.EndRequest(IAsyncResult result)
at Microsoft.ServiceBus.Messaging.Sbmp.CloseOrAbortLinkAsyncResult.<GetAsyncSteps>b__7(CloseOrAbortLinkAsyncResult thisPtr, IAsyncResult a)
at Microsoft.ServiceBus.Messaging.IteratorAsyncResult`1.StepCallback(IAsyncResult result)
Exception rethrown at [4]:
at Microsoft.ServiceBus.Common.AsyncResult.End[TAsyncResult](IAsyncResult result)
at Microsoft.ServiceBus.Messaging.Sbmp.SbmpMessageReceiver.AbandonPrefetchedMessagesCloseAbortAsyncResult.<GetAsyncSteps>b__41(AbandonPrefetchedMessagesCloseAbortAsyncResult thisPtr, IAsyncResult r)
at Microsoft.ServiceBus.Messaging.IteratorAsyncResult`1.StepCallback(IAsyncResult result)
Exception rethrown at [5]:
at Microsoft.ServiceBus.Common.AsyncResult.End[TAsyncResult](IAsyncResult result)
at Microsoft.ServiceBus.Messaging.Sbmp.SbmpMessageReceiver.OnEndClose(IAsyncResult result)
--- End of inner exception stack trace ---
at Microsoft.ServiceBus.Messaging.Sbmp.SbmpMessageReceiver.OnEndClose(IAsyncResult result)
at Microsoft.ServiceBus.Messaging.ClientEntity.OnClose(TimeSpan timeout)
at Microsoft.ServiceBus.Messaging.ClientEntity.Close(TimeSpan timeout)
at Olekstra.Common.QueueReader.<>c__DisplayClass3.<StartTask>b__2(Boolean force)
Używam aktualnej wersji pakietu Microsoft.ServiceBus.dll
NuGet (2.4.0.0), więc odpowiedzi od Google "Zatwierdzenie certyfikatu jest domyślnie wyłączone w ServiceBus 1.8" są bezużyteczne - nie zwróciłem żadnej walidacji na ON, a ponadto - działa wiele godzin z rzędu i kończy się niepowodzeniem tylko raz na 2-3 dni.
Podobny nr answer o aplikacjach hostowanych samodzielnie nie są odpowiednie - witryna działa w systemie Azure, hostując maszyny wirtualne przez personel MS, nie mogę aktualizować żadnych certyfikatów głównych.
Czy ktoś wie, dlaczego klient usługi ServiceBus decyduje się czasami sprawdzić certyfikat SSL i jak wyłączyć to zachowanie?
UPD:
dodałem <add key="Microsoft.ServiceBus.X509RevocationMode" value="NoCheck"/>
w appSettings
w web.config
dwa tygodnie temu - nie ma różnicy.
również reflektor pokazuje, że wartość „nocheck” jest domyślny w Microsoft.ServiceBus.Configuration.ConfigurationHelpers.GetCertificateRevocationMode()
Czy kiedykolwiek dostać się gdziekolwiek z tym problemem? – Ian1971