C# 创建SSL连接时的.NET Core 3.1 Alpine映像争用条件
从基于.NET Core 3.1-alpine的docker映像建立SSL连接时,我遇到了竞争情况。在使用基于Debian的图像时,我们以前从未见过这种情况发生 有人遇到过这个问题并且知道如何解决吗 它只发生在非常少量的调用中(这一次发生在MassTransit使用者中,但我们也看到它发生在控制器操作和建立MongoDB连接中):C# 创建SSL连接时的.NET Core 3.1 Alpine映像争用条件,c#,docker,asp.net-core,ssl,alpine,C#,Docker,Asp.net Core,Ssl,Alpine,从基于.NET Core 3.1-alpine的docker映像建立SSL连接时,我遇到了竞争情况。在使用基于Debian的图像时,我们以前从未见过这种情况发生 有人遇到过这个问题并且知道如何解决吗 它只发生在非常少量的调用中(这一次发生在MassTransit使用者中,但我们也看到它发生在控制器操作和建立MongoDB连接中): 我个人认为这可能是.NET core Alpine映像中的一个错误,我应该在github上提交一个问题吗?您读到错误了吗?“进程无法访问文件'/etc/ssl/cer
我个人认为这可能是.NET core Alpine映像中的一个错误,我应该在github上提交一个问题吗?您读到错误了吗?“进程无法访问文件'/etc/ssl/certs',因为它正被另一个进程使用。”@jdweng当然可以,但是除了CachedSystemStoreProvider之外,没有其他进程访问证书,所以这就是为什么我认为实现中存在竞争条件的原因。您是否看到了以下内容:@jdweng no。虽然我不知道是什么让您认为这是相关的,除了提到一个锁定的文件和docker?我制造了一个问题:你读到错误了吗?“进程无法访问文件'/etc/ssl/certs',因为它正被另一个进程使用。”@jdweng当然可以,但是除了CachedSystemStoreProvider之外,没有其他进程访问证书,所以这就是为什么我认为实现中存在竞争条件的原因。您是否看到以下内容:@jdweng no。虽然我不知道是什么让您认为这是相关的,但它提到了一个锁定的文件和docker?我制造了一个问题:
MT-Fault-ConsumerType: MyApp.Api.Consumers.ManifestAvailableConsumer
MT-Fault-ExceptionType: System.IO.IOException
MT-Fault-Message: The process cannot access the file '/etc/ssl/certs' because it is being used by another process.
MT-Fault-MessageType: .Messaging.VideoUrl.Events.ManifestAvailable
MT-Fault-StackTrace: at System.IO.Enumeration.FileSystemEnumerator`1.FindNextEntry(Byte* entryBufferPtr, Int32 bufferLength)
at System.IO.Enumeration.FileSystemEnumerator`1.MoveNext()
at System.Linq.Enumerable.AppendPrependIterator`1.LoadFromEnumerator()
at System.Linq.Enumerable.AppendPrepend1Iterator`1.MoveNext()
at Internal.Cryptography.Pal.CachedSystemStoreProvider.LoadMachineStores(DirectoryInfo rootStorePath, FileInfo rootStoreFile)
at Internal.Cryptography.Pal.CachedSystemStoreProvider.GetCollections()
at Internal.Cryptography.Pal.CachedSystemStoreProvider.GetNativeCollections(SafeX509StackHandle& root, SafeX509StackHandle& intermediate)
at Internal.Cryptography.Pal.OpenSslX509ChainProcessor.InitiateChain(SafeX509Handle leafHandle, DateTime verificationTime, TimeSpan remainingDownloadTime)
at Internal.Cryptography.Pal.ChainPal.BuildChain(Boolean useMachineContext, ICertificatePal cert, X509Certificate2Collection extraStore, OidCollection applicationPolicy, OidCollection certificatePolicy, X509RevocationMode revocationMode, X509RevocationFlag revocationFlag, DateTime verificationTime, TimeSpan timeout)
at System.Security.Cryptography.X509Certificates.X509Chain.Build(X509Certificate2 certificate, Boolean throwOnException)
at System.Net.Security.CertificateValidation.BuildChainAndVerifyProperties(X509Chain chain, X509Certificate2 remoteCertificate, Boolean checkCertName, String hostName)
at System.Net.Security.SecureChannel.VerifyRemoteCertificate(RemoteCertValidationCallback remoteCertValidationCallback, ProtocolToken& alertToken)
at System.Net.Security.SslStream.CompleteHandshake(ProtocolToken& alertToken)
at System.Net.Security.SslStream.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslStream.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslStream.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslStream.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslStream.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslStream.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslStream.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslStream.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslStream.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslStream.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslStream.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslStream.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslStream.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslStream.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslStream.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslStream.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslStream.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslStream.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslStream.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslStream.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslStream.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslStream.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslStream.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslStream.PartialFrameCallback(AsyncProtocolRequest asyncRequest)
--- End of stack trace from previous location where exception was thrown ---
at System.Net.Security.SslStream.EndProcessAuthentication(IAsyncResult result)
at System.Threading.Tasks.TaskFactory`1.FromAsyncCoreLogic(IAsyncResult iar, Func`2 endFunction, Action`1 endAction, Task`1 promise, Boolean requiresSynchronization)
--- End of stack trace from previous location where exception was thrown ---
at System.Net.Http.ConnectHelper.EstablishSslConnectionAsyncCore(Stream stream, SslClientAuthenticationOptions sslOptions, CancellationToken cancellationToken)
MT-Fault-Timestamp: 2020-07-27T10:58:37.6888414Z
MT-Host-Assembly: MyApp.Api
MT-Host-AssemblyVersion: 1.0.0.0
MT-Host-FrameworkVersion: 3.1.6
MT-Host-MachineName: placement-6d49dd57d9-mq45j
MT-Host-MassTransitVersion: 6.2.0.0
MT-Host-OperatingSystemVersion: Unix 4.15.0.1082
MT-Host-ProcessId: 1
MT-Host-ProcessName: dotnet
MT-Reason: fault
dtdTraceTagInfo: FW4;-111872945;5;-1869341797;401980;0;-1641347138;256;510e;2h01;3h90941b9b;4h06223c;5h01
publishId: 44