Docker and Ocelot: The remote certificate is invalid because of errors in the certificate chain: PartialChain


I have deployed 2 Docker containers (on my machine only):

  • Container 1 (it's an API Gateway project) is hosted on 6001
  • Container 2 is hosted on 7001

I have created a self-signed certificate using OpenSSL as mentioned in [Self Signed Certificate][1].

The API Gateway project is implemented using Ocelot:

{
  "Routes": [
    {
      "DownstreamPathTemplate": "/api/Role",
      "DownstreamScheme": "https",
      "DownstreamHostAndPorts": [
        {
          "Host": "192.168.0.101",
          "Port": 7001
        }
      ],
      "UpstreamPathTemplate": "/api/role",
      "UpstreamHttpMethod": [ "get" ]
    }   
  ],
  "GlobalConfiguration": {
    "BaseURL": "https://192.168.0.101:6001"
  }
}

The following URLs https://192.168.0.101:7001/api/role and https://192.168.0.101:6001/api/index are working fine through the browser. By fine I mean no certificate error.

But when I try to access /api/role through the API project, i.e., https://192.168.0.101:6001/api/role, it throws the error below:

  1. This page isn’t working in the browser

  2. And in the console I get "The remote certificate is invalid because of errors in the certificate chain: PartialChain", as shown below.

gateway  | info: Ocelot.RateLimit.Middleware.ClientRateLimitMiddleware[0]
gateway  |       requestId: 0HN0H1OSQDUEG:00000001, previousRequestId: No PreviousRequestId, message: 'EndpointRateLimiting is not enabled for /api/Role'
gateway  | info: Ocelot.Authentication.Middleware.AuthenticationMiddleware[0]
gateway  |       requestId: 0HN0H1OSQDUEG:00000001, previousRequestId: No PreviousRequestId, message: 'No authentication needed for /api/role'
gateway  | info: Ocelot.Authorization.Middleware.AuthorizationMiddleware[0]
gateway  |       requestId: 0HN0H1OSQDUEG:00000001, previousRequestId: No PreviousRequestId, message: '/api/Role route does not require user to be authorized'
gateway  | warn: Ocelot.Responder.Middleware.ResponderMiddleware[0]
gateway  |       requestId: 0HN0H1OSQDUEG:00000001, previousRequestId: No PreviousRequestId, message: 'Error Code: ConnectionToDownstreamServiceError Message: Error connecting to downstream service, exception: System.Net.Http.HttpRequestException: The SSL connection could not be established, see inner exception.
gateway  |        ---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid because of errors in the certificate chain: PartialChain
gateway  |          at System.Net.Security.SslStream.SendAuthResetSignal(ReadOnlySpan`1 alert, ExceptionDispatchInfo exception)
gateway  |          at System.Net.Security.SslStream.CompleteHandshake(SslAuthenticationOptions sslAuthenticationOptions)
gateway  |          at System.Net.Security.SslStream.ForceAuthenticationAsync[TIOAdapter](Boolean receiveFirst, Byte[] reAuthenticationData, CancellationToken cancellationToken)
gateway  |          at System.Net.Http.ConnectHelper.EstablishSslConnectionAsync(SslClientAuthenticationOptions sslOptions, HttpRequestMessage request, Boolean async, Stream stream, CancellationToken cancellationToken)

All I want is to host Docker containers (SSL) on Docker Desktop with a self-signed certificate.

What am I missing here?

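The following is an added example, not part of the original question: it reproduces offline the trust condition that the PartialChain error in the log describes, using OpenSSL's closest equivalents of the .NET chain statuses. It assumes the downstream certificate was issued by a locally created CA rather than being literally self-signed (a leaf whose issuer cannot be found is the case reported as a partial chain) and that `openssl` 1.1.0 or later is on the PATH. All subjects and file names are constructed; only the address 192.168.0.101 comes from the question.

```bash
#!/usr/bin/env bash
# Constructed demo PKI: subjects, file names and the temp dir are made up;
# only the address 192.168.0.101 comes from the question.
make_demo_pki() {  # $1 = empty working directory
  cat > "$1/demo.cnf" <<'EOF'
[req]
distinguished_name = dn
prompt = no
[dn]
CN = placeholder
[ca_ext]
basicConstraints = critical,CA:TRUE
[leaf_ext]
subjectAltName = IP:192.168.0.101
EOF
  # Local CA, then a leaf for the downstream service signed by that CA.
  openssl req -x509 -config "$1/demo.cnf" -extensions ca_ext -newkey rsa:2048 \
    -nodes -days 1 -subj "/CN=Demo Local CA" \
    -keyout "$1/ca.key" -out "$1/ca.crt" 2>/dev/null &&
  openssl req -new -config "$1/demo.cnf" -newkey rsa:2048 -nodes \
    -subj "/CN=192.168.0.101" -keyout "$1/leaf.key" -out "$1/leaf.csr" 2>/dev/null &&
  openssl x509 -req -in "$1/leaf.csr" -CA "$1/ca.crt" -CAkey "$1/ca.key" \
    -CAcreateserial -days 1 -extfile "$1/demo.cnf" -extensions leaf_ext \
    -out "$1/leaf.crt" 2>/dev/null
}

# Verify $1 against only the CA bundle in $2 (or an empty trust store) and
# print a status word; system trust stores are deliberately ignored.
chain_status() {
  if [ -n "${2:-}" ]; then
    out=$(openssl verify -no-CApath -CAfile "$2" "$1" 2>&1) || true
  else
    out=$(openssl verify -no-CAfile -no-CApath "$1" 2>&1) || true
  fi
  case $out in
    *"unable to get local issuer"*) echo partial-chain ;;   # issuer missing
    *self?signed\ certificate*)     echo untrusted-root ;;  # root seen, not trusted
    *": OK"*)                       echo trusted ;;
    *)                              echo "other: $out" ;;
  esac
}

demo() {
  d=$(mktemp -d) && make_demo_pki "$d" || return 1
  echo "leaf, CA not in trust store: $(chain_status "$d/leaf.crt")"
  echo "leaf, CA in trust store:     $(chain_status "$d/leaf.crt" "$d/ca.crt")"
  echo "CA cert itself, untrusted:   $(chain_status "$d/ca.crt")"
  rm -rf "$d"
}
demo
```

A container has its own trust store, separate from the host's, so a certificate the host browser accepts can still fail validation inside the gateway container. Adding the issuing CA certificate to the gateway image's trust store keeps certificate validation enabled for the downstream call.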