Part 2 will configure the web application to communicate with the RavenDB cluster via IIS. We'll also see whats required if you are running your application as a windows service.

RavenDb 4 Part 2 - Client Configuration

May 23 2019

You are looking at revision 10 of this page, which may be out of date. View the latest version.

Part 1 of this article can be found here

Architecture Diagram

Now we have our RavenDb servers set up lets create a web app from scratch that will communicate with the RavenDb cluster.

dotnet new webapp -o ravendemo
dotnet add package RavenDB.Client --version 4.1.5
dotnet add package Microsoft.AspNetCore.Hosting.WindowsServices

We need our web app to be able to run as a service so in Program.cs replace CreateWebHostBuilder(args).Build().Run with:

var host = CreateWebHostBuilder(args).Build();
var isService = args.Contains("--service");
if (isService)
{
	var baseDirectory = new FileInfo(Assembly.GetEntryAssembly().Location).Directory.FullName;
	Directory.SetCurrentDirectory(baseDirectory);
}
if (isService)
{
	ServiceBase.Run(new WebHostService(host));
}
else
{
	host.Run();
}

Lets now add some code to configure the RavenDb DocumentStore singleton. Be sure to copy client.pfx to the output directory. For brevity the definition of the `Order class has been omitted.

var store = new DocumentStore { Urls = new[] { "https://raven1.mooo.com:8080" }, Database="TestDb"};
store.Conventions.IdentityPartsSeparator = "-";	
X509Certificate2 certificate = new X509Certificate2(Path.Combine(AppDomain.CurrentDomain.BaseDirectory, "client.pfx"));	
store.Certificate = certificate;
store.Initialize();
using(var session = store.OpenSession())
{
	session.Store(new Order { Name="order1"});
	session.SaveChanges();
}

When you run this you receive an error

The SSL connection could not be established, see inner exception. -> The remote certificate is invalid according to the validation procedure.'

The certificate is not trusted as it is signed by an untrusted CA. Fix this by importing client.pfx which also contains the CA certificate. Note that this time we will import the certificate into Local Computer by omitting the -user flag. You will thus need to run the following in an Admin Powershell prompt:

certutil -f -importpfx z:\client.pfx

instead lets use

var x509 = new X509Store(StoreLocation.LocalMachine);
x509.Open(OpenFlags.ReadOnly);
var certificate = x509.Certificates.Find(X509FindType.FindBySubjectName, "*.mooo.com", true)[0];

Posted by: Wallace Turner
Last revised: 27 May, 2019 05:39 AM History

You are looking at revision 10 of this page, which may be out of date. View the latest version.

Comments

No comments yet. Be the first!

No new comments are allowed on this post.