apm-agent-dotnet icon indicating copy to clipboard operation
apm-agent-dotnet copied to clipboard
verified publisher icon elastic

[BUG] The SSL connection could not be established

Open khteh opened this issue 2 years ago • 1 comments 

{
    "ElasticApm": {
        "ServiceName": "product-apm",
        "SecretToken": "FixMe",
        "ServerUrl": "https://my-apm-http:8200",
        "ServerCaCertFile": "path to ca cert file mounted from k8s secret",
        "TransactionSampleRate": 1.0,
        "TransactionIgnoreUrls": "/health/*"
    }
}

SecretToken is available as mounted file from k8s secret Program.cs:

    if (File.Exists("path to token file mounted from k8s secret"))
    {
        var elasticApm = builder.Configuration.GetSection(nameof(ElasticApm));
        elasticApm[nameof(ElasticApm.SecretToken)] = System.IO.File.ReadAllText("path to token file mounted from k8s secret");
        builder.Services.Configure<ElasticApm>(elasticApm);
    }
    var app = builder.Build();
    app.UseAllElasticApm(builder.Configuration);

error log:

[myappproduct-1] {"@timestamp":"2023-08-31T10:04:21.9370182+00:00","level":"Warning","messageTemplate":"{{{Scope}}} Failed sending events. Following events were not transferred successfully to the server ({ApmServerUrl}):
    {SerializedItems}","message":"{\"PayloadSenderV2\"} Failed sending events. Following events were not transferred successfully to the server (https://myapp-apm-http:8200/):
    \"Elastic.Apm.Metrics.MetricSet,
    Elastic.Apm.Metrics.MetricSet,
    Elastic.Apm.Metrics.MetricSet,
    Elastic.Apm.Metrics.MetricSet,
    Elastic.Apm.Metrics.MetricSet,
    Elastic.Apm.Metrics.MetricSet,
    Elastic.Apm.Metrics.MetricSet,
    Elastic.Apm.Metrics.MetricSet,
    Elastic.Apm.Metrics.MetricSet\"","exceptions":[{"Depth":0,"ClassName":"System.Net.Http.HttpRequestException","Message":"The SSL connection could not be established, see inner exception.","Source":"System.Net.Http","StackTraceString":"   at System.Net.Http.ConnectHelper.EstablishSslConnectionAsync(SslClientAuthenticationOptions sslOptions, HttpRequestMessage request, Boolean async, Stream stream, CancellationToken cancellationToken)
   at System.Net.Http.HttpConnectionPool.ConnectAsync(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken)
   at System.Net.Http.HttpConnectionPool.CreateHttp11ConnectionAsync(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken)
   at System.Net.Http.HttpConnectionPool.AddHttp11ConnectionAsync(QueueItem queueItem)
   at System.Threading.Tasks.TaskCompletionSourceWithCancellation`1.WaitWithCancellationAsync(CancellationToken cancellationToken)
   at System.Net.Http.HttpConnectionPool.HttpConnectionWaiter`1.WaitForConnectionAsync(Boolean async, CancellationToken requestCancellationToken)
   at System.Net.Http.HttpConnectionPool.SendWithVersionDetectionAndRetryAsync(HttpRequestMessage request, Boolean async, Boolean doRequestAuth, CancellationToken cancellationToken)
   at System.Net.Http.AuthenticationHelper.SendWithAuthAsync(HttpRequestMessage request, Uri authUri, Boolean async, ICredentials credentials, Boolean preAuthenticate, Boolean isProxyAuth, Boolean doRequestAuth, HttpConnectionPool pool, CancellationToken cancellationToken)
   at System.Net.Http.DiagnosticsHandler.SendAsyncCore(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken)
   at System.Net.Http.RedirectHandler.SendAsync(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken)
   at System.Net.Http.HttpClient.<SendAsync>g__Core|83_0(HttpRequestMessage request, HttpCompletionOption completionOption, CancellationTokenSource cts, Boolean disposeCts, CancellationTokenSource pendingRequestsCts, CancellationToken originalCancellationToken)
   at Elastic.Apm.Report.PayloadSenderV2.ProcessQueueItems(Object[] queueItems)","RemoteStackTraceString":null,"RemoteStackIndex":0,"HResult":-2146233087,"HelpURL":null},{"Depth":1,"ClassName":"System.Security.Authentication.AuthenticationException","Message":"The remote certificate was rejected by the provided RemoteCertificateValidationCallback.","Source":"System.Private.CoreLib","StackTraceString":"   at System.Net.Security.SslStream.SendAuthResetSignal(ProtocolToken message, ExceptionDispatchInfo exception)
   at System.Net.Security.SslStream.CompleteHandshake(SslAuthenticationOptions sslAuthenticationOptions)
   at System.Net.Security.SslStream.ForceAuthenticationAsync[TIOAdapter](Boolean receiveFirst, Byte[] reAuthenticationData, CancellationToken cancellationToken)
   at System.Net.Http.ConnectHelper.EstablishSslConnectionAsync(SslClientAuthenticationOptions sslOptions, HttpRequestMessage request, Boolean async, Stream stream, CancellationToken cancellationToken)","RemoteStackTraceString":null,"RemoteStackIndex":0,"HResult":-2146233087,"HelpURL":null}],"fields":{"Scope":"PayloadSenderV2","ApmServerUrl":"https://myapp-apm-http:8200/","SerializedItems":"Elastic.Apm.Metrics.MetricSet,
    Elastic.Apm.Metrics.MetricSet,
    Elastic.Apm.Metrics.MetricSet,
    Elastic.Apm.Metrics.MetricSet,
    Elastic.Apm.Metrics.MetricSet,
    Elastic.Apm.Metrics.MetricSet,
    Elastic.Apm.Metrics.MetricSet,
    Elastic.Apm.Metrics.MetricSet,
    Elastic.Apm.Metrics.MetricSet","SourceContext":"Elastic.Apm"}}

APM Agent version

The version of the Elastic.Apm nuget package used: <PackageReference Include="Elastic.Apm.NetCoreAll" Version="1.23.0" />

Environment

Operating system and version: Ubuntu 23.04

.NET Framework/Core name and version (e.g. .NET 4.6.2, NET Core 3.1.100) : .Net Core 7.0.110

Application Target Framework(s) (e.g. net462, netcoreapp3.1): net7

Describe the bug

A clear and concise description of what the bug is.

To Reproduce

Steps to reproduce the behavior:

  1. Use this config '...'
  2. Then call '....'
  3. Then do '....'
  4. See error

Expected behavior

A clear and concise description of what you expected to happen.

Actual behavior

khteh avatar Aug 31 '23 10:08 khteh

Any update on this?

khteh avatar Nov 10 '23 09:11 khteh