为HTTPS配置ASP.NET Core 2.0 Kestrel [英] Configure ASP.NET Core 2.0 Kestrel for HTTPS
问题描述
TL; DR今天用ASP.NET Core 2.0设置HTTPS的正确方法是什么?
TL;DR What is today the correct way to setup HTTPS with ASP.NET Core 2.0?
I would like to configure my project to use https and a certificate like they have shown at BUILD 2017. I have tried several settings but nothing worked. After some research, I am even more confused. It seems that there are many ways to configure URLs and ports… I have seen appsettings.json, hosting.json, via code, and in launchsettings.json we can also set the URL and port.
有没有一种标准"的方式来做到这一点?
Is there a "standard" way to do it?
这是我的appsettings.development.json
{
"Kestrel": {
"Endpoints": {
"Localhost": {
"Address": "127.0.0.1",
"Port": "40000"
},
"LocalhostWithHttps": {
"Address": "127.0.0.1",
"Port": "40001",
"Certificate": {
"HTTPS": {
"Source": "Store",
"StoreLocation": "LocalMachine",
"StoreName": "My",
"Subject": "CN=localhost",
"AllowInvalid": true
}
}
}
}
}
}
但是当我使用dotnet run从命令行启动时,或者当我使用Visual Studio中的调试器启动时,它总是从launchsettings.json中获取url和端口.
But it always takes the url and the port from launchsettings.json when I start from the command line with dotnet run or when I start with the debugger from Visual Studio.
这是我的Program.cs和Startup.cs
public class Program
{
public static void Main(string[] args)
{
BuildWebHost(args).Run();
}
public static IWebHost BuildWebHost(string[] args) =>
WebHost.CreateDefaultBuilder(args)
.UseStartup<Startup>()
.Build();
}
public class Startup
{
public IConfiguration Configuration { get; }
public string Authority { get; set; } = "Authority";
public string ClientId { get; set; } = "ClientId";
public Startup(IConfiguration configuration)
{
Configuration = configuration;
}
public void ConfigureServices(IServiceCollection services)
{
services.Configure<MvcOptions>(options => options.Filters.Add(new RequireHttpsAttribute()));
JsonConvert.DefaultSettings = () => new JsonSerializerSettings() {
NullValueHandling = NullValueHandling.Ignore
};
services.AddSingleton<IRepository, AzureSqlRepository>(x => new AzureSqlRepository(Configuration.GetConnectionString("DefaultConnection")));
services.AddSingleton<ISearchSplitService, SearchSplitService>();
services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
.AddJwtBearer(options => new JwtBearerOptions {
Authority = this.Authority,
Audience = this.ClientId
});
services.AddMvc();
}
public void Configure(IApplicationBuilder app, IHostingEnvironment env)
{
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
app.UseWebpackDevMiddleware(new WebpackDevMiddlewareOptions() { HotModuleReplacement = true, ReactHotModuleReplacement = true, HotModuleReplacementEndpoint = "/dist/__webpack_hmr" });
}
app.UseStaticFiles();
app.UseAuthentication();
app.UseMvc(routes => {
routes.MapRoute(
name: "default",
template: "{controller=Home}/{id?}");
routes.MapSpaFallbackRoute(
name: "spa-fallback",
defaults: new { controller = "Home", action = "Index" });
});
}
}
正如我所说,我无法使其在任何场合都可以正常工作.今天用ASP.NET Core 2.0设置HTTPS的正确方法是什么?
As I have said, I was not able to get it working in any constallation. What is today the correct way to setup HTTPS with ASP.NET Core 2.0?
推荐答案
不幸的是,在ASP.NET Core 2.0启动之前的各种视频或教程中已经显示了基于HTTP的HTTPS的基于配置的设置方式.使其进入最终版本.
Unfortunately, the way of configuration-based way of setting up HTTPS that has been shown in various videos or tutorials before the launch of ASP.NET Core 2.0 didn’t make it into the final release.
对于2.0,配置HTTPS的唯一方法是在代码中,通过显式设置Kestrel侦听器,如
For 2.0, the only way to configure HTTPS is in code, by explicitly setting up the Kestrel listeners, as explained in this announcement, and using ListenOptions.UseHttps to enable HTTPS:
var host = new WebHostBuilder()
.UseKestrel(options =>
{
options.ListenAnyIP(443, listenOptions =>
{
listenOptions.UseHttps("server.pfx", "password");
});
})
.UseStartup<Startup>()
.Build();
不幸的是,在发布之时,官方文档 并未对此进行适当介绍,并宣传了尚未实施的基于配置的方式. 此问题自此已得到解决.
Unfortunately, at the time of release, the official documentation also did not cover this properly and advertised the configuration-based way that wasn’t implemented. This has been fixed since.
从ASP.NET Core 2.1开始,可以按照最初的承诺进行基于配置的HTTPS设置.如 Tratcher on GitHub 所述,这可能看起来像这样:
Starting with ASP.NET Core 2.1, configuration based HTTPS setup will be possible, as originally promised. This will likely look like this, as explained by Tratcher on GitHub:
"Kestrel": {
"Endpoints": {
"HTTPS": {
"Url": "https://*:443",
"Certificate": {
"Path": "server.pfx",
"Password": "password"
}
}
}
}
在您的特定示例中,基于代码的配置如下所示.请注意,如果您不想使用证书文件,则需要先从证书存储中手动检索证书.
In your particular example, the code-based configuration would look like the following. Note that if you don’t want to use a certificate file, you need to manually retrieve the certificate from the certificate store first.
.UseKestrel(options =>
{
// listen for HTTP
options.ListenLocalhost(40000);
// retrieve certificate from store
using (var store = new X509Store(StoreName.My))
{
store.Open(OpenFlags.ReadOnly);
var certs = store.Certificates.Find(X509FindType.FindBySubjectName,
"localhost", false);
if (certs.Count > 0)
{
var certificate = certs[0];
// listen for HTTPS
options.ListenLocalhost(40001, listenOptions =>
{
listenOptions.UseHttps(certificate);
});
}
}
})
这篇关于为HTTPS配置ASP.NET Core 2.0 Kestrel的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
