In my ASP.NET Core project, I have turned ON HTTPS Redirection, with this setting in my Program.cs:
app.UseHttpsRedirection();
I have referred to MS doc.
Locally, when I run my Core Web project, it uses https by default (https://localhost:7432/). Now, to test if redirection from http -> https works, I browse to http://localhost:7432/, but I get a "This page isn’t working right now" error.
So, how do I test if this redirection is working locally?
In the Properties/launchSettings.json file, you'll see a property for applicationUrl that looks like this:
"applicationUrl": "https://localhost:7250;http://localhost:5097"
This sets up the app to listen on two different ports: 7250 for HTTPS and 5097 for HTTP. In your specific project, find the HTTP URL and use that to test the HTTPS redirection locally.
As far I know, you can't share the same port for both http and https. Instead, you should define the ports in the appsettings.json or appsettings.Production.json. FYI, I never define such thing in appsettings.json, because that file is typically part of the repository. To me, the best place is in the other file.
In one of those files, you should see (or add whereas not present) something like this:
"Kestrel": {
"EndPoints": {
"Http": {
"Url": "http://*:5000"
},
"Https": {
"Url": "https://*:5001",
"Certificate": {
"Path": "(your certificate file)",
"Password": "(your certificate password)"
},
}
}
},
"AllowedHosts": "*",
"AllowInvalid": true,
"https_port": 443,
...
Doing so, when you try to call your site as http, it will attempt to switch to the other port, using https.
For sure not the best explaination, but that's what I know about the https redirection.
Related
When our certificate is automatically updated by "Let's Encrypt", it is necessary to restart our web API service to use the new certificate. I have two challenges: (1) how to automatically detect when the certificate is renewed, and (2) how to use the new certificate without requiring a restart of the web API service.
We configure Kestrel to support https in the appsettings.json file. Something similar to:
HttpsInlineCertAndKeyFile": {
"Url": "https://localhost:5002",
"Certificate": {
"Path": "<path to .pem/.crt file>",
"KeyPath": "<path to .key file>",
"Password": "$CREDENTIAL_PLACEHOLDER$"
}
}
We are developing in c# .net core 6
There is a possibility to reload the certificate without restarting. basically there is a callback mechanism which loads the certificate for each request.
.UseKestrel(options =>
{
options.ConfigureHttpsDefaults(o =>
{
o.ServerCertificateSelector = (context, dnsName) =>
{
return GetCertificateFromPath();
};
});
});
since it calls this GetCertificateFromPath method for each request so you have to cache the certificate somehow inside the GetCertificateFromPath() method and only read when it is changed.
it should be possible with some way by checking modified date or something.
I have a C# controller which is running at port 44347. And when I go to browser locally https://127.0.0.0.1:44347/myurl, it hits my Controller runs on the same machine.
I want to setup so that I can when I load https://mytest.mycom.com:44347/myurl locally, it hits my controller run locally.
I have added 'mytest.mycom.com 127.0.0.1' to my hosts file in Windows. And I verify that ping mytest.mycom.com , it has reply.
But when I go https://mytest.mycom.com:44347/myurl locally, I get message saying 'mytest.mycom.com' took too long to respond.
Can you please tell me what am I missing?
You can change the url that your application uses within launchSettings.config (under the properties folder). Following is an example -
"iisSettings": {
"windowsAuthentication": false,
"anonymousAuthentication": true,
"iisExpress": {
"applicationUrl": "http://localhost:39655/",
"sslPort": 44340
}
},
Changing "applicationUrl" will allow you to use your test domain locally.
I'm creating new ASP.NET Core application and it run on https://localhost:44382/. I want to set multiple urls to browse my application like site1.testing.com, site2.testing.com, site3.tseting.com.
Everytime I browser those urls , I want to redirect to my application.
I found this setting in launchSetting.json
"myCoreApp": {
"commandName": "Project",
"launchBrowser": true,
"applicationUrl": "https://localhost:5001;http://localhost:5000",
"environmentVariables": {
"ASPNETCORE_ENVIRONMENT": "Development"
}
}
as you see
"applicationUrl": "https://localhost:5001;http://localhost:5000",
By referencing this , I've tried changing in this setting and doesn't work.
You cannot declare more than 1 URL for HTTP, and 1 URL for HTTPS protocol. (exclude case: you use different environment parameter).
Recommend for you (also is best practice):
Use NGINX server block, or
Apache HTTP Server virtual host.
Reference:
https://www.nginx.com/resources/wiki/start/topics/examples/server_blocks/
https://httpd.apache.org/docs/2.4/vhosts/examples.html
https://github.com/SchemaStore/schemastore/blob/master/src/schemas/json/launchsettings.json#L99
I'm trying to use nginx as a proxy server and use express+passport to authenticate user before showing private/static file(s).
I'm only working with http now (during the development stage). I found Express + Nginx. Can't serve static files and learned quite some from it but my code is not working.
My nginx settings:
http {
server {
listen 80;
root /var/www/html;
location /private {
proxy_pass http://myIP4:3000/private; #3000 is the port for express server
proxy_method GET;
}
}
}
My express(passport) code is like:
...
...
#simplified login, real code is longer
app.use('/login', passport.authenticated('local'),function(req, res){
res.redirect('/private/index.html'); #if authentication is OK
});
app.use(function(req,res,next){
if ((req.url !== '/login') && (!req.isAuthenticated()) ){ #not the login page and not authentication failed
res.redirect(301,'http://myIP4/login.html');
}
else {#if authenticated
console.log('authentication OK');
express.static("/var/www/html/private/");
}
});
My login API works fine, after I submit the username/password, I could see login successfully. But the redirect has some issues: the browser could not show the destination file: /private/index.html (after login) and /private/test.html (if I type the full url directly in my browser after login successfully).
Browser shows:
Cannot GET /private/index.html
Debug of Browser shows:
Content Security Policy: The page’s settings blocked the loading of a resource at http://myIP4/favicon.ico (“default-src”).
I found some posts about setting Content_Secrity_policy but I could not make it working after some try out.
Thanks for your time help!
I solved this by changing in the express:
From:
express.static("/var/www/html/private/");
To:
app.use ('/private',express.static('/var/www/html/private'));
And it works now.
Hello i'm creating a web application using webpack, which makes REST api call to a backend server. The problem I have is CORS issues, so I will need to use a proxy.
Which leads me to how do I connect wepback-dev-server which runs on port(8080) to my api server which runs on port (7000)? Would my proxy server run same as port(8080)?
I read up on expressjs, npm node-http-proxy and webpack, but struggling to tie it all together.
I'm new to proxying.
Below a sample config for webpack-dev-server, see the proxy option
var config = {
// webpack stuff here ...
//dev server configuration
devServer: {
// ...
// every request made to 'locahost:8080/api/xxxx' will be proxyfied to 'http://localhost:7000/api/xxxx'
proxy: {
"/api/*": {
target: "http://localhost:7000",
secure: false,
rewrite: function(req, options) {
//you can handle rewrite here if you need to
}
},
}
},
//
};
module.exports = config;
As described here https://webpack.github.io/docs/webpack-dev-server.html#proxy
Hope it helps,
EDIT as for webpack-dev-server v 1.14.1 'rewrite' is still implemented