如何为在 IIS 上运行的 aspnet 核心应用程序在 appsettings.json 中配置 IdentityServer 的关键设置 [英] How to configure key settings for IdentityServer in appsettings.json for aspnet core app running on IIS
问题描述
我使用以下命令创建了具有授权支持的模板 Angular/ASP.NET Core:
dotnet new angular --auth 个人
这是一个:
- ASP.NET Core 3.0 应用与
- 用于验证和存储用户的 ASP.NET Core Identity,
- IdentityServer4 用于实现 Open ID Connect,
- Angular SPA,
所有预配置都可以协同工作.
在基于此模板部署我的应用程序之前,我尝试先将此模板应用程序部署到 IIS.
我已将应用程序部署到 IIS 并设置了数据库,并且应用程序连接到它就好了,但我卡住了.我不确定如何创建和配置用于签署令牌的生产证书.
在
那么我该如何将正确的设置添加到 appsettings.json 中?
"IdentityServer": {钥匙": {类型":商店",商店名称":我的","StoreLocation": "当前用户",名称":CN=MyApplication"}}我正在努力在网上找到任何指南或示例,我们将不胜感激任何帮助或指出正确方向.
我也发现文档不够全面.我设法将一个角度应用程序部署到天蓝色.我不确定它是否类似于部署到 IIS.但这可能会帮助您找到解决问题的方法.
部署到 Azure:
首先,您必须将(自签名)证书 (.pfx) 上传到 azure 应用服务.我使用本指南创建自签名证书.
上传证书图片
您还必须通过将指纹添加到应用程序设置中来使证书可用.见图片.
不要忘记更新您的 appsettings.json,以便您的应用可以访问上一步中的证书.
"IdentityServer": {钥匙": {类型":商店",商店名称":我的","StoreLocation": "当前用户",名称":CN=yourApp-domain.com"}}如果遇到问题.将 appservice 中的环境变量更改为Development"以查看错误的详细信息.像这样.
更改环境变量
I created the template Angular / ASP.NET Core with authorisation support using this command:
dotnet new angular --auth Individual
This is an:
- ASP.NET Core 3.0 App with
- ASP.NET Core Identity for authenticating and storing users,
- IdentityServer4 for implementing Open ID Connect,
- Angular SPA,
All pre-configured to work together.
Before I deploy my app based on this template, I'm trying to first deploy this template app to IIS.
I've deployed the app to IIS and have a database setup and the app connected to it just fine, but I'm stuck. I am not sure how to create and configure the production certificate to use for signing tokens.
At this point in the Microsoft docs it briefly mentions "A production certificate to use for signing tokens." and gives and example for deployment to Azure.
How do I create the key in IIS? do you do something here?
Then how do I then add the correct settings to appsettings.json?
"IdentityServer": {
"Key": {
"Type": "Store",
"StoreName": "My",
"StoreLocation": "CurrentUser",
"Name": "CN=MyApplication"
}
}
I'm struggling to find any guides or examples on the net, any help or point in the right direction would be appreciated.
I also found that the documentation is not comperhensive enough. I managed to deploy the an angular app to azure. Im not sure if it similar to the deployment to IIS. But may be this could help you to find the solution for your problem.
Deployment to Azure:
First you have to upload the (self signed) certificate (.pfx) to azure app service. I used this guide to create self signed certificate.
upload certificate image
You also have to make the certificate available by adding the thumbprint into the application setting. see image.
Dont forget to update your appsettings.json so your app can access the certificate from the previous step.
"IdentityServer": {
"Key": {
"Type": "Store",
"StoreName": "My",
"StoreLocation": "CurrentUser",
"Name": "CN=yourApp-domain.com"
}
}
If you encounter problem. Change the environtment variable in appservice to "Development" to see detail information of the error. like this.
change environment variable
这篇关于如何为在 IIS 上运行的 aspnet 核心应用程序在 appsettings.json 中配置 IdentityServer 的关键设置的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
