如何在 ASP.NET Core 2.1 + Kestrel 中禁用 HTTPS? [英] How do I disable HTTPS in ASP.NET Core 2.1 + Kestrel?

问题描述

因此，随着 ASP.NET Core 2.1 的出现，Kestrel 现在会在 HTTP 端点旁边自动创建一个 HTTPS 端点，并且默认项目模板设置为从 HTTP 重定向到 HTTPS(这很容易撤消).

So it appears with the advent of ASP.NET Core 2.1, Kestrel now automatically creates an HTTPS endpoint along side the HTTP one, and default project templates are setup to redirect from HTTP to HTTPS (which is easy enough to undo).

但是我的问题是...如何为我的项目完全禁用 HTTPS.我已经通读了文档并尝试了各种 HTTPS 配置设置，但我所做的一切似乎都不允许我关闭它并只运行一个 HTTP 项目.

However my question is... how can I disable HTTPS entirely for my project. I've read through the docs and played with a variety of config settings for HTTPS but nothing I do seems to allow me to turn it off and just run an HTTP project.

我是疯了还是只是错过了什么.我希望这非常容易做到.

Am I crazy or just missing something. I would expect this to be super easy to do.

推荐答案

原来实现我想要做的正确方法是使用 .UseKestrel() 专门配置 Kestrel 并简单地指定一个地址，如下所示:

Turns out the proper way to achieve what I wanted to do, was to specifically configure Kestrel with .UseKestrel() and simply specify a single address, like this:

  WebHost.CreateDefaultBuilder(args)
    .UseKestrel(options => {
      options.Listen(IPAddress.Loopback, 5080); //HTTP port
    })
    .UseStartup<Startup>();

影响覆盖默认设置，并在 Kestel 启动时显示此警告:

in affect overriding the default setup, and displaying this warning when Kestel starts:

warn: Microsoft.AspNetCore.Server.Kestrel[0]
  Overriding address(es) 'https://localhost:5001, http://localhost:5000'. Binding to endpoints defined in UseKestrel() instead.

如果指定了第二个地址，它将假定该地址将使用内置开发人员证书进行保护，例如:

if a second address is specified it will assume that address is to be secured with the built-in developer cert, as such:

  WebHost.CreateDefaultBuilder(args)
    .UseKestrel(options => {
      options.Listen(IPAddress.Loopback, 5080); //HTTP port
      options.Listen(IPAddress.Loopback, 5443); //HTTPS port
    })
    .UseStartup<Startup>();

您当然可以按照此处所述专门保护您的 SSL 地址:

you may of course specifically secure your SSL address as described here:

https://docs.microsoft.com/en-us/aspnet/core/fundamentals/servers/kestrel?view=aspnetcore-2.1&tabs=aspnetcore2x

这是生产设置所必需的.

which is necessary for production setups.

这篇关于如何在 ASP.NET Core 2.1 + Kestrel 中禁用 HTTPS?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！