[The SSL connection could not be established, see inner exception.] Mac os

Questions
1

Hi, I have problems installing the direct shipment and direct payment app on mac.
Anyone got any ideas?

It happens when I paste in the url: https://directshipment.localtest.me:10021 and trying to install the app.

Error message in BO

[The SSL connection could not be established, see inner exception.]

Log files

Nothing in the apps log file.

Noting in the solution log file.

I used to get an error message in the apps log file stating:
Stopped program because of exception Interop+Crypto+OpenSslCryptographicException: error:2006D080:BIO routines:BIO_new_file:no such file

This went away after I changed the dns in direct shipment yml to:

    dns: 
    - 192.168.65.254

Docker compose

version: '3'
services:
  dnsresolver:
    image: cytopia/bind:stable-0.28
    container_name: dnsresolver
    ports:
        - '127.0.0.1:53:53/tcp'
        - '127.0.0.1:53:53/udp'
    environment:
        - DNS_CNAME=*.localtest.me=host.docker.internal
        - DNS_FORWARDER=192.168.65.7
    dns: 192.168.65.7
    restart:
        unless-stopped

  direct-shipment:
    image: registry.litium.cloud/apps/direct-shipment:latest
    dns: 
    - 192.168.65.254
    restart: unless-stopped
    ports:
    - "10020:80"
    - "10021:443"
    environment:
    # Enable HTTPS binding
    - ASPNETCORE_URLS=https://+;http://+
    - ASPNETCORE_HTTPS_PORT=10021
    # Configuration for HTTPS inside the container, exported dotnet dev-certs with corresponding password
    - ASPNETCORE_Kestrel__Certificates__Default__Password=SuperSecretPassword
    - ASPNETCORE_Kestrel__Certificates__Default__Path=/https/localhost.pfx
    # Folder for the configuraiton, this is volume-mapped
    - CONFIG_PATH=/app_config
    # Folder where logfiles should be placed, this is volume-mapped
    - APP_LOG_PATH=/logs
    # Don't validate certificates
    - AppConfiguration__ValidateCertificate=false
    # Url to this app
    - AppMetadata__AppUrl=https://directshipment.localtest.me:10021
    # Url to the litium installation
    - LitiumApi__ApiUrl=https://accelerator.localtest.me:5001

    volumes:
    - directshipment_appdata:/app_data
    - directshipment_appconfig:/app_config
    - directshipment_logs:/logs
    - directshipment_dataprotection:/root/.aspnet/DataProtection-Keys
    - https_cert:/https:ro

volumes:
  directshipment_appdata:
  directshipment_appconfig:
  directshipment_logs:
  directshipment_dataprotection:
  directshipment_https:
  https_cert:
    driver: local
    driver_opts:
      o: bind
      type: none
      device: ./data/https

cert file

image
image2036×154 9.72 KB

2

The url ends up looking like:

https://accelerator.localtest.me:5001/Litium/UI/login?redirectUrl=%2FLitium%2FUI%2Fsettings%2Fsystem%2Fappmanagement%2Finstall%3Furl%3Dhttps:%252F%252Fdirectshipment.localtest.me:10021%252Fapi%252Flitium-app%252Fmetadata&bc=install:appmanagement

But in the Litium log it is logging the message with http

Start processing HTTP request GET http://directshipment.localtest.me:10021/api/litium-app/metadata

3

So I was able to install direct shipment by first making a tunnel via ngrok to port 10021.
I got an internal server error back when I tried the installation url via https and 10021.
But when I tried the installation url via http and 10020 it worked.

Any ideas?

4

Could you perhaps try this:

dotnet dev-certs https -ep ~/.aspnet/https/localhost.pfx -p SuperSecretPassword
dotnet dev-certs https --trust

You should be able to find a new (or the same…) certficate then located at ~/.aspnet/https/localhost.pfx with the password you provided. Copy this to the https directory.

Another little tip is to actually set a version on your apps instead of :latest :slight_smile: - Litiums repo aren’t properly tagged.

5

Thank you Michaela I tried what you said, but I think I’ve finally found a way for me to install the apps.

So I had a problem where I got the error:
[The SSL connection could not be established, see inner exception.]

But I could not see any error log messages either in the app, or the litium log, as I wrote in the first post.

What I could see in the Litium app was that the http client logical handler was making a request to the app, and that’s it.

What I tried now was that I changed the url
From: https://anysubdomain.localtest.me:10021
To: https://localhost:10021

Now I got a new error in BO

image

And in logs I now get an error:

System.InvalidOperationException: IDX20803: Unable to obtain configuration from: 'System.String'

It’s logging something else in the stacktrace which might be of interest:

System.Net.Http.HttpRequestException: Resource temporarily unavailable (yoursubdomain.localtest.me:5001)

Seems like a DNS issue.

According to this forum post the solution was to change the entry of the dns of the payment/shipment app to 192.168.65.254

I tried this a while back and it didn’t work, because as Niklas say you should try to do the following command:
nslookup http://litium.localtest.me 127.0.0.1

And get back:

Server:		127.0.0.1
Address:	127.0.0.1#53

Non-authoritative answer:
http://litium.localtest.me	canonical name = host.docker.internal.
Name:	host.docker.internal
Address: 192.168.65.254

This did not work before, but now it did ¯|(ツ)/¯ could’ve been that I did not have my Docker desktop up to date but ¯|(ツ)

The lookup is for the domain localtest.me so you can use any subdomain, it should not matter:

> nslookup http://wellthiscouldbeanysubdomain.localtest.me 127.0.0.1

Server:		127.0.0.1
Address:	127.0.0.1#53

Non-authoritative answer:
http://wellthiscouldbeanysubdomain.localtest.me	canonical name = host.docker.internal.
Name:	host.docker.internal
Address: 192.168.65.254

I changed back the DNS value to this address:

image
image854×274 20.4 KB

And Voila.
image

Some of my dear friends also recommended me:

Creating a container with the port 53 fails with the error address already in use. As a workaround, deactivate network acceleration by adding "kernelForUDP": false, in the settings.json file located at ~/Library/Group Containers/group.com.docker/settings.json.

Here is my docker-compose file in case this might be of help

version: '3'
services:
  dnsresolver:
    image: cytopia/bind:stable-0.28
    container_name: dnsresolver
    ports:
      - 53:53/tcp
      - 53:53/udp
    environment:
        - DNS_CNAME=*.localtest.me=host.docker.internal
        - DNS_FORWARDER=192.168.65.7
        - ALLOW_QUERY=any
    dns: 192.168.65.7
    restart:
        unless-stopped

  direct-payment:
    image: registry.litium.cloud/apps/direct-payment:1.3.0
    dns: 
    - 192.168.65.254
    restart: unless-stopped
    ports:
    - "10010:80"
    - "10011:443"
    environment:
    # Enable HTTPS binding
    - ASPNETCORE_URLS=https://+;http://+
    - ASPNETCORE_HTTPS_PORT=10011
    # Configuration for HTTPS inside the container, exported dotnet dev-certs with corresponding password
    - ASPNETCORE_Kestrel__Certificates__Default__Password=SuperSecretPassword
    - ASPNETCORE_Kestrel__Certificates__Default__Path=/https/localhost.pfx
    # Folder for the configuraiton, this is volume-mapped
    - CONFIG_PATH=/app_config
    # Folder where logfiles should be placed, this is volume-mapped
    - APP_LOG_PATH=/logs
    # Don't validate certificates
    - AppConfiguration__ValidateCertificate=false
    # Url to this app
    - AppMetadata__AppUrl=https://localhost:10021
    # Url to the litium installation
    - LitiumApi__ApiUrl=https://yourdomain.localtest.me:5001/

    volumes:
    - ./data/direct-payment/config:/app_config
    - ./data/direct-payment/data:/app_data
    - ./data/direct-payment/logs:/logs
    - ./data/direct-payment/DataProtection-Keys:/root/.aspnet/DataProtection-Keys
    - https_cert:/https:ro

  direct-shipment:
    image: registry.litium.cloud/apps/direct-shipment:1.2.0
    dns: 
    - 192.168.65.254
    restart: unless-stopped
    ports:
    - "10020:80"
    - "10021:443"
    environment:
    # Enable HTTPS binding
    - ASPNETCORE_URLS=https://+;http://+
    #- ASPNETCORE_URLS=https://+
    - ASPNETCORE_HTTPS_PORT=10021
    # Configuration for HTTPS inside the container, exported dotnet dev-certs with corresponding password
    - ASPNETCORE_Kestrel__Certificates__Default__Password=SuperSecretPassword
    - ASPNETCORE_Kestrel__Certificates__Default__Path=/https/localhost.pfx
    # Folder for the configuraiton, this is volume-mapped
    - CONFIG_PATH=/app_config
    # Folder where logfiles should be placed, this is volume-mapped
    - APP_LOG_PATH=/logs
    # Don't validate certificates
    - AppConfiguration__ValidateCertificate=false
    # Url to this app
    - AppMetadata__AppUrl=https://localhost:10021
    # Url to the litium installation
    - LitiumApi__ApiUrl=https://yourdomain.localtest.me:5001/

    volumes:
    - ./data/direct-shipment/config:/app_config
    - ./data/direct-shipment/data:/app_data
    - ./data/direct-shipment/logs:/logs
    - ./data/direct-shipment/DataProtection-Keys:/root/.aspnet/DataProtection-Keys
    - https_cert:/https:ro

volumes:
  https_cert:
    driver: local
    driver_opts:
      o: bind
      type: none
      device: ./data/https

Docker desktop version: v4.27.1
Litium version: 8.11.6
OS: Mac OS M2 chip

6

yes your containers need to be up and running for “nslookup http://litium.localtest.me 127.0.0.1” to work.
then you stop them and change dns if needed.

but what was it that you changed in your docker compose from the first on?