该网站无法提供安全的连接 [英] This site can’t provide a secure connection

问题描述

当我在web.config中添加URL重写代码，然后将其发布到Azure中时.即使我尝试使用http访问网站，它也会自动重定向到https.

When I added the URL rewrite code in web.config and then publish it into azure. it will automatically redirects to https even I am trying to access website with http.

<rewrite>
  <rules>
    <rule name="Redirect to https">
      <match url="(.*)"/>
      <conditions>
        <add input="{HTTPS}" pattern="Off"/>
      </conditions>
      <action type="Redirect" url="https://{HTTP_HOST}/{R:1}"/>
    </rule>
  </rules>
</rewrite>

但是当我在本地计算机上运行相同的代码时，会出现以下错误.

But when I run the same code in my local machine it gives the below error.

该网站无法提供安全的连接

在本地计算机上运行上述代码时，如何解决上述错误?

How can I resolve the above error when I run the above code in my local machine?

推荐答案

我个人所做的就是将重写配置写入Web.Release.config中，这恰好是让它在本地运行有点儿麻烦.

What I do personally is put that rewrite configuration into Web.Release.config precisely because it is a bit fiddly to get it working locally.

问题在于IIS Express将在不同端口上公开HTTP和HTTPS，因此，如果您从 http://localhost:1234 重定向到 https://localhost:1234 ，它根本就行不通，因为IIS Express在诸如 https://localhost:44300 之类的地方公开HTTPS.

The problem is that IIS Express will expose HTTP and HTTPS on different ports, so if you redirect from http://localhost:1234 to https://localhost:1234, it simply won't work, because IIS Express is exposing HTTPS on something like https://localhost:44300.

您可以(并且应该)在IIS Express上启用SSL/TLS，但是我只将重写规则保留为发布模式.

You can enable SSL/TLS on IIS Express (and you should), but I would leave the rewrite rule only for Release mode.

以下是示例Web.Release.config文件:

Here is an example Web.Release.config file:

<?xml version="1.0"?>
<configuration xmlns:xdt="http://schemas.microsoft.com/XML-Document-Transform">
  <system.web>
    <compilation xdt:Transform="RemoveAttributes(debug)" />
  </system.web>
  <system.webServer>
    <rewrite xdt:Transform="Insert">
      <rules>
        <!-- Redirects users to HTTPS if they try to access with HTTP -->
        <rule
          name="Force HTTPS"
          stopProcessing="true">
          <match url="(.*)"/>
          <conditions>
            <add input="{HTTPS}" pattern="^OFF$" ignoreCase="true"/>
          </conditions>
          <action
            type="Redirect"
            url="https://{HTTP_HOST}/{R:1}"
            redirectType="Permanent"/>
        </rule>
      </rules>
      <outboundRules>
        <!-- Enforces HTTPS for browsers with HSTS -->
        <!-- As per official spec only sent when users access with HTTPS -->
        <rule
          xdt:Transform="Insert"
          name="Add Strict-Transport-Security when HTTPS"
          enabled="true">
          <match serverVariable="RESPONSE_Strict_Transport_Security"
              pattern=".*" />
          <conditions>
            <add input="{HTTPS}" pattern="on" ignoreCase="true" />
          </conditions>
          <action type="Rewrite" value="max-age=31536000" />
        </rule>
      </outboundRules>
    </rewrite>
  </system.webServer>
</configuration>

请注意，我也在此处添加HSTS.它在发布模式下将< rewrite> 元素插入Web.config中.< system.webServer> 元素已经存在于Web.config中，否则我将插入它.

Note that I also add HSTS here. It inserts the <rewrite> element into Web.config in Release mode. The <system.webServer> element already exists in Web.config, otherwise I would be inserting that.

这篇关于该网站无法提供安全的连接的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！