
Reading a pfx certificate in Ubuntu to create an X509


I'm running a .NET Core app in Ubuntu and trying to connect to a cloud RavenDB instance with the following:

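    using System.IO;
    using System.Security.Cryptography.X509Certificates;
    using Raven.Client.Documents;

    // Load the client certificate (PKCS#12) and its password
    var bytes = File.ReadAllBytes("/etc/ssl/certs/foo.pfx");
    var clientCert = new X509Certificate2(bytes, "foo");

    var store = new DocumentStore
    {
        Urls = new[] { "https://a.free.foo.ravendb.cloud" },
        Certificate = clientCert,
        Database = "FooDatabase"
    };

    // Initialize once and register the store as a singleton
    store.Initialize();
    builder.Services.AddSingleton<IDocumentStore>(store);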

When the app starts, I receive the following error:

    System.Security.Cryptography.CryptographicException: ASN1 corrupted data.
     ---> System.Formats.Asn1.AsnContentException: The encoded length exceeds the maximum supported by this library (Int32.MaxValue).
       at System.Formats.Asn1.AsnDecoder.ReadLength(ReadOnlySpan`1 source, AsnEncodingRules ruleSet, Int32& bytesConsumed)
       at System.Formats.Asn1.AsnDecoder.ReadEncodedValue(ReadOnlySpan`1 source, AsnEncodingRules ruleSet, Int32& contentOffset, Int32& contentLength, Int32& bytesConsumed)
       at Internal.Cryptography.Pal.UnixPkcs12Reader.ParsePkcs12(ReadOnlySpan`1 data)

Do I need to load/install the pfx file onto the server in a certain way?


Solution

  • It looks like my issue was that my pfx file was corrupted somehow, probably due to the way I tried to copy it to the server. After re-uploading my pfx file, I was able to use the following:

    var clientCert = new X509Certificate2("/etc/ssl/certs/foo.pfx");

    You don't need to call ReadAllBytes.
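
An added example, not part of the original question or answer: a pre-flight check that catches a PFX altered during transfer before it reaches the `X509Certificate2` constructor. `PfxPreflight` and `Diagnose` are hypothetical names; the code assumes .NET 5 or later, inspects only the outer ASN.1 header, and prints a SHA-256 digest to compare with one computed on the machine the file came from.

```csharp
using System;
using System.IO;
using System.Security.Cryptography;

static class PfxPreflight   // hypothetical helper, not RavenDB or .NET API
{
    // Returns null when the outer ASN.1 header is plausible for a PKCS#12 file,
    // otherwise a short description of what is wrong with the bytes on disk.
    public static string? Diagnose(byte[] data)
    {
        if (data.Length < 2) return "file is empty or truncated";
        if (data[0] == (byte)'-') return "PEM text, not a binary PKCS#12 file";
        if (data[0] == (byte)'M' && data[1] == (byte)'I')
            return "base64 text (starts with \"MI\"), not binary";
        if (data[0] != 0x30)
            return $"first byte is 0x{data[0]:X2}, expected SEQUENCE tag 0x30";

        int first = data[1];
        if (first == 0x80) return null;      // BER indefinite length: nothing to compare
        long length = first;                 // short form: the byte is the length
        int headerSize = 2;
        if (first > 0x80)
        {
            int n = first & 0x7F;            // long form: n length bytes follow
            if (n > 4) return $"length field uses {n} bytes, too large to be real";
            if (data.Length < 2 + n) return "file ends inside the length field";
            length = 0;
            for (int i = 0; i < n; i++) length = (length << 8) | data[2 + i];
            if (length > int.MaxValue) return "declared length exceeds Int32.MaxValue";
            headerSize = 2 + n;
        }
        long expected = headerSize + length;
        return expected > data.Length
            ? $"header declares {expected} bytes, file has {data.Length}"
            : null;
    }

    static int Main(string[] args)
    {
        // Path taken from the question; pass another path as the first argument.
        string path = args.Length > 0 ? args[0] : "/etc/ssl/certs/foo.pfx";
        byte[] data = File.ReadAllBytes(path);
        // Compare this digest with one computed on the source machine.
        Console.WriteLine($"SHA-256 {Convert.ToHexString(SHA256.HashData(data))}");
        string? problem = Diagnose(data);
        Console.WriteLine(problem is null ? "outer header OK" : $"problem: {problem}");
        return problem is null ? 0 : 1;
    }
}
```

A mismatching digest or a non-null diagnosis means the file on the server is not the file that was exported, so the fix is to transfer it again in binary mode rather than to change the loading code.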