I'm using the preview tooling for ASP.NET Core and VS 2015 that was released in Dec timeframe.
I've followed numerous online examples with how to enable SSL in Kestrel. None of them worked.
So I tried an option in project called "Enable SSL" and it seems to set a port for me, and works from local host, but doesn't seem to work from elsewhere.
I've also tried .UseKestrel() I have option.UseHttps("ssl.pfx", "password")
Below that I have UseUrls, but it doesn't seem to bind correctly to the ports because my SSL requests. When I try to issue SSL requests it times out. I used netstat and it seems like there is no port opened for my specified SSL port.
1) How do I use UseUrls? I need both localhost and remote machine access
2) How do I configure IIS express to allow the https calls?
If anyone has a good reliable way to set this up for VS 2015 in an ASP.NET Core project I would really appreciate it!
Thanks,
James
You're not saying what you have tried so far, so maybe you've tried that already, but you need to:
have a valid certificate that your server will be able to provide to the client
install the nuget package: Microsoft.AspNetCore.Server.Kestrel.Https
change your configure sequence so that it uses Kestrel Https
app.UseKestrelHttps(certificate);
change the url Kestrel is listening to one starting by https://
I used this article a few months back on VS2015: https://www.thesslstore.com/blog/implement-ssl-kestrel-asp-net-core/
I worked fine for me, but maybe there are a few things to adapt with the latest version.
Related
when i run my Asp.net core 3.1 app with IIS, i encounter with:
but when i run it on HTTP protocol, it runs well.
I reinstall my Chrome,VS and IIS and also reinstall my SSL certificate with the help : Troubleshoot certificate problems
but the problem remains!
Additional information:
IIS:10 | VS:2019 | Windows:10 version-1909 | Chrome:version-84
also i used to work without problem in my other windows user
account,but i had to delete that and work with new user account.
I had this issue with Kaspersky and Visual Studio on Windows 10, and finally resolved it by disabling the Encrypted Connection Scanning in Settings > Network Settings, then restarting my machine.
It might be possible to add localhost to exclusions, but this didn't seem to work for me.
Recently I'm using TFS behind proxy authentication, everything works well till I try to install packages through the Package Manager Console, if I try to install a package, even if I set up proxy credentials to access TFS, the system asks for credentials to connect to nuget.org, when I input credentials, the authentication through nuget breaks the previous TFS proxy authentication, so I get the error HTTP code 407: Proxy Athentication Required (Forefront TMG requires authorization to fulfill the request. Access to the Web Proxy filter is denied. )
After that I can't use nuget and can't use TFS so I have to restart VS2013, but in this way I can't install packages.
Any Idea??
Thanks
I worked around this issue with NuGet 2.8.50926.663 and a very restrictive company proxy by installing Fiddler2 from www.fiddlertool.com. It seems having some kind of proxy go-between helps NuGet play nicely with proxies.
Of course there are other tools which will achieve the same effect, e.g. WireShark or Privoxy. I know Fiddler is very useful on a development workstation, so I choose that.
Searching for other solutions kept coming back to issues and regressions of issues in older versions of NuGet, like version 1.5 for example. Seems like either the proxy authentication or HTTPS certificate handling of NuGet is not so streamlined.
I want to write a small back-end REST server using Play! Framework 2.1.3. This server will only serve WS requests, and all communication to it must be made over SSL. For this reason, I don't want to have an HTTP port open for this server at all.
I've seen this question regarding SSL on various Play! branches, and according to the linked discussion, the only way to open SSL port (which worked for me) is to add JAVA_OPTS before running the server, like so:
JAVA_OPTS=-Dhttps.port=9443 play run
This setting opens both HTTP and HTTPS ports for communication.
My questions are:
Is it possible to open the server only for SSL communication? How?
Is there a configuration file where I put this setting?
Thanks!
This is super easy with Play 2.2, not sure it works on 2.1.3, I didn't see it in the 2.1.x docs...but was in the 2.2.x docs...so give it a shot, it might be implemented.
Throw this in your configuration file :
http.port=disabled
Or you could run it with the command line option :
-Dhttp.port=disabled
http://www.playframework.com/documentation/2.2.x/ConfiguringHttps
I am trying to set up a .NET web service in mod_mono that has historically has only run under IIS 6/7.
Most of it works well, except for one little detail: The web service is supposed to log the client certificate when the connections are made over HTTPS.
I have my Apache server running with mod_ssl and I can make successful connections to the service with a client certificate. I have verified my web service in IIS 7 and seen that it is able to pick up the client certificate if it is present.
It appears that ClientCertificate.IsPresent returns false always in mod_mono. Some googling reveals that this has been an issue in the past (where it only worked correctly under XPS).
I would like to believe that I have mis-configured something :-) Can anybody please point me in the right direction?
Best regards,
Emil
Oh, I needed to set SSLOptions +ExportCertData in httpd.conf and everything worked like a charm :-)
When one develops a self-hosted WCF http server,
one of the steps needed is to bind an SSL certificate to a port number:
httpcfg set ssl -i 0.0.0.0:8012 -h 0000000000003ed9cd0c315bbb6dc1c08da5e6
as stated in:
http://msdn.microsoft.com/en-us/library/ms733791.aspx
However,
It is hardly expected that in my deployment environment one would be able to do it.
(I don't even know if the httpcfg.exe is redistributable)
Moreover, if the user changed the port after he installed the product then he will need to run the command again....
how can this step be automated pro grammatically?
preferably in C# but if it can only be done in C++ (direct access to the Http Server API)
then I will manage :)
Have a look here: an open source C# UI for configuring HTTP.SYS that directly drives the API. This should get you an idea of the code necessary for configuring the certs.
For those tuning in a couple of years later:
This article from Mike Bouck's RAM has a clean C# wrapper for the http.sys api.
Таке а look on https://github.com/segor/SslCertBinding.Net
It also has nuget available
Install-Package SslCertBinding.Net
and does what you need perfectly. Thanks to the author.