Errors in the certificate chain (PostgreSQL)

Hello, I am having a SSL exception when I try to connect to my PostgreSQL instance (host: 34.122.12.17). The problems seems to be in the server certificates. Here is the exception:

 

Unhandled exception. System.AggregateException: One or more errors occurred. (The SSL connection could not be established, see inner exception.) (The SSL connection could not be established, see inner exception.) (The SSL connection could not be established, see inner exception.)
 ---> System.Net.Http.HttpRequestException: The SSL connection could not be established, see inner exception.
 ---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid because of errors in the certificate chain: NotTimeValid

 

I've tried to restart my instance but the problem persists. I also tried to connect from different locations and the problem still persists.

Do you know what might be the problem? 

Solved Solved
0 5 2,743
1 ACCEPTED SOLUTION

Hi, NikolayIT,

It might be the SSL cert is also being used for the Security Signing Service (STS), see https://stackoverflow.com/questions/60194986/sharepoint-2016-error-nottimevalid-a-required-certifica...

Additionally, you might have ​an old version of OpenSSL, which does not support cross-signed certs and/or, ‘ISRG Root X1’ is untrusted in your environment. See https://stackoverflow.com/questions/69389106/request-some-time-got-the-remote-certificate-is-invalid...

Also, you might need to create a chain of trust, see https://stackoverflow.com/questions/14863999/create-and-verify-x509-certificates-in-net/29527608#295...

Finally, as a workaround you could disable certificate validation.

Please tell me if the mentioned methods worked, I will be waiting for your response.

View solution in original post

5 REPLIES 5

Could you recreate cert by running these commands?

dotnet dev-certs https ––clean
dotnet dev-certs https ––trust

Thank you for your answer! I tried this and it didn't work. As I wrote in my question, the problem seems to be in the server's certificates. This is the inner exception message: 

The remote certificate is invalid because of errors in the certificate chain: NotTimeValid

Hi, NikolayIT,

It might be the SSL cert is also being used for the Security Signing Service (STS), see https://stackoverflow.com/questions/60194986/sharepoint-2016-error-nottimevalid-a-required-certifica...

Additionally, you might have ​an old version of OpenSSL, which does not support cross-signed certs and/or, ‘ISRG Root X1’ is untrusted in your environment. See https://stackoverflow.com/questions/69389106/request-some-time-got-the-remote-certificate-is-invalid...

Also, you might need to create a chain of trust, see https://stackoverflow.com/questions/14863999/create-and-verify-x509-certificates-in-net/29527608#295...

Finally, as a workaround you could disable certificate validation.

Please tell me if the mentioned methods worked, I will be waiting for your response.

None of these methods helped.

Here is the certificate information from a newly created PostgreSQL instance (which btw also gives me the same certificate error):

[Subject]
  C=US, O="Google, Inc", CN=zencodeo:ads-interactions-new

[Issuer]
  C=US, O="Google, Inc", CN=Google Cloud SQL Server CA, dnQualifier=2dc2c3cc-18f0-4af8-ad77-b64116988893

[Serial Number]
  46B7476B

[Not Before]
  10/28/2022 10:36:53 AM

[Not After]
  10/25/2032 10:37:53 AM

[Thumbprint]
  3670003BB633CB297C4DA9AF9EAB1FD6CB7E4C7A

I would like to say that I am so sorry for bothering you.

Actually the error happened to be in a completely different part of my code and it didn't have anything in common with the Postgres connection.

Thank you for your time and sorry again. 🙂