Issue with wildcard certificate on install #2140
-
Hi - I've just done a fresh install of SEQ on a Windows server, and I've setup the listening URL as https://seq.example.corp. I have a *.example.corp wildcard cert in the local machine / personal store. When I start the SEQ service, it stops straight away, and in the error logs show this: System.InvalidOperationException: The requested certificate seq.example.corp could not be found in LocalMachine/My with AllowInvalid setting: True.\r\n at Microsoft.AspNetCore.Server.Kestrel.Https.CertificateLoader.LoadFromStoreCert(String subject, String storeName, StoreLocation storeLocation, Boolean allowInvalid)\r\n Is there a way to tell it to use the wildcard rather than trying to match the certificate name? I would prefer not to have to issue a specific cert just for this. I tried using the seq-bindssl command, but it saying that it's not supported under Kestrel. Do I have to change to http.sys as per https://docs.datalust.co/docs/ssl? C:\Users\pa009999>seq bind-ssl --thumbprint="" |
Beta Was this translation helpful? Give feedback.
Replies: 2 comments 1 reply
-
Hi @tspencer-all, thanks for raising this! I think, temporarily, switching to HTTP.sys will be the quickest way to get up and running. We're currently assembling a few patches for 2024.2, I'll have a look into this and see if a fix can be rolled in, I think it's an oversight in how we implemented certificate loading under Kestrel. |
Beta Was this translation helpful? Give feedback.
-
No worries - yep did that and it's working now. Thanks for the response! |
Beta Was this translation helpful? Give feedback.
Hi @tspencer-all, thanks for raising this!
I think, temporarily, switching to HTTP.sys will be the quickest way to get up and running.
We're currently assembling a few patches for 2024.2, I'll have a look into this and see if a fix can be rolled in, I think it's an oversight in how we implemented certificate loading under Kestrel.