如何为在IIS上运行的aspnet核心应用程序在appsettings.json中配置IdentityServer的关键设置 [英] How to configure key settings for IdentityServer in appsettings.json for aspnet core app running on IIS

问题描述

我使用以下命令创建了具有授权支持的模板Angular/ASP.NET Core:

I created the template Angular / ASP.NET Core with authorisation support using this command:

dotnet new angular --auth Individual

这是一个

• 带有.li的ASP.NET Core 3.0应用
• 用于身份验证和存储用户的ASP.NET Core身份
• 用于实现Open ID Connect的IdentityServer4，
• Angular SPA，

所有预先配置为可以协同工作.

All pre-configured to work together.

在基于此模板部署应用程序之前，我正在尝试先将此模板应用程序部署到IIS.

我已经将该应用程序部署到IIS并进行了数据库设置，并且该应用程序可以很好地连接到它，但是我遇到了麻烦.我不确定如何创建和配置用于签名令牌的生产证书.

I've deployed the app to IIS and have a database setup and the app connected to it just fine, but I'm stuck. I am not sure how to create and configure the production certificate to use for signing tokens.

在 Microsoft文档中的这一点简要提及用于签名令牌的生产证书".并给出了部署到Azure的示例.

At this point in the Microsoft docs it briefly mentions "A production certificate to use for signing tokens." and gives and example for deployment to Azure.

如何在IIS中创建密钥?你在这里做什么?

How do I create the key in IIS? do you do something here?

然后如何将正确的设置添加到appsettings.json?

Then how do I then add the correct settings to appsettings.json?

"IdentityServer": {
  "Key": {
    "Type": "Store",
    "StoreName": "My",
    "StoreLocation": "CurrentUser",
    "Name": "CN=MyApplication"
  }
}

我正努力在网上找到任何指南或示例，希望能向正确的方向提供帮助或指导.

I'm struggling to find any guides or examples on the net, any help or point in the right direction would be appreciated.

推荐答案

我还发现文档不够全面.我设法将一个有角度的应用程序部署到了天蓝色.我不确定是否类似于IIS的部署.但这也许可以帮助您找到解决问题的方法.

I also found that the documentation is not comperhensive enough. I managed to deploy the an angular app to azure. Im not sure if it similar to the deployment to IIS. But may be this could help you to find the solution for your problem.

部署到Azure:

首先，您必须将(自签名)证书(.pfx)上传到azure应用程序服务.我使用本指南来创建自签名证书.

First you have to upload the (self signed) certificate (.pfx) to azure app service. I used this guide to create self signed certificate.

上传证书图像

还必须通过将指纹添加到应用程序设置中来使证书可用.见图片.

You also have to make the certificate available by adding the thumbprint into the application setting. see image.

请不要忘记更新您的appsettings.json，这样您的应用程序就可以访问上一步中的证书.

Dont forget to update your appsettings.json so your app can access the certificate from the previous step.

"IdentityServer": {
  "Key": {
    "Type": "Store",
    "StoreName": "My",
    "StoreLocation": "CurrentUser",
    "Name": "CN=yourApp-domain.com"
  }
}

如果遇到问题.将appservice中的环境变量更改为"Development"以查看错误的详细信息.像这样.

If you encounter problem. Change the environtment variable in appservice to "Development" to see detail information of the error. like this.

更改环境变量

这篇关于如何为在IIS上运行的aspnet核心应用程序在appsettings.json中配置IdentityServer的关键设置的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！