为HTTPS配置ASP.NET Core 2.0 Kestrel

本文介绍了为HTTPS配置ASP.NET Core 2.0 Kestrel的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！ 问题描述

TL; DR今天用ASP.NET Core 2.0设置HTTPS的正确方法是什么?

TL;DR What is today the correct way to setup HTTPS with ASP.NET Core 2.0?

我希望将我的项目配置为使用https和证书，如建于2017年.我尝试了几种设置，但没有任何效果.经过一番研究，我更加困惑.似乎有很多方法可以配置URL和端口…通过代码可以看到appsettings.json，hosting.json，并且在launchsettings.json中我们还可以设置URL和端口.

I would like to configure my project to use https and a certificate like they have shown at BUILD 2017. I have tried several settings but nothing worked. After some research, I am even more confused. It seems that there are many ways to configure URLs and ports… I have seen appsettings.json, hosting.json, via code, and in launchsettings.json we can also set the URL and port.

有没有一种标准"的方式来做到这一点?

Is there a "standard" way to do it?

这是我的appsettings.development.json

{ "Kestrel": { "Endpoints": { "Localhost": { "Address": "127.0.0.1", "Port": "40000" }, "LocalhostWithHttps": { "Address": "127.0.0.1", "Port": "40001", "Certificate": { "HTTPS": { "Source": "Store", "StoreLocation": "LocalMachine", "StoreName": "My", "Subject": "CN=localhost", "AllowInvalid": true } } } } } }

但是当我使用dotnet run从命令行启动时，或者当我使用Visual Studio中的调试器启动时，它总是从launchsettings.json中获取url和端口.

But it always takes the url and the port from launchsettings.json when I start from the command line with dotnet run or when I start with the debugger from Visual Studio.

这是我的Program.cs和Startup.cs

public class Program { public static void Main(string[] args) { BuildWebHost(args).Run(); } public static IWebHost BuildWebHost(string[] args) => WebHost.CreateDefaultBuilder(args) .UseStartup<Startup>() .Build(); } public class Startup { public IConfiguration Configuration { get; } public string Authority { get; set; } = "Authority"; public string ClientId { get; set; } = "ClientId"; public Startup(IConfiguration configuration) { Configuration = configuration; } public void ConfigureServices(IServiceCollection services) { services.Configure<MvcOptions>(options => options.Filters.Add(new RequireHttpsAttribute())); JsonConvert.DefaultSettings = () => new JsonSerializerSettings() { NullValueHandling = NullValueHandling.Ignore }; services.AddSingleton<IRepository, AzureSqlRepository>(x => new AzureSqlRepository(Configuration.GetConnectionString("DefaultConnection"))); services.AddSingleton<ISearchSplitService, SearchSplitService>(); services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme) .AddJwtBearer(options => new JwtBearerOptions { Authority = this.Authority, Audience = this.ClientId }); services.AddMvc(); } public void Configure(IApplicationBuilder app, IHostingEnvironment env) { if (env.IsDevelopment()) { app.UseDeveloperExceptionPage(); app.UseWebpackDevMiddleware(new WebpackDevMiddlewareOptions() { HotModuleReplacement = true, ReactHotModuleReplacement = true, HotModuleReplacementEndpoint = "/dist/__webpack_hmr" }); } app.UseStaticFiles(); app.UseAuthentication(); app.UseMvc(routes => { routes.MapRoute( name: "default", template: "{controller=Home}/{id?}"); routes.MapSpaFallbackRoute( name: "spa-fallback", defaults: new { controller = "Home", action = "Index" }); }); } }

正如我所说，我无法使其在任何场合都可以正常工作.今天用ASP.NET Core 2.0设置HTTPS的正确方法是什么?

As I have said, I was not able to get it working in any constallation. What is today the correct way to setup HTTPS with ASP.NET Core 2.0?

推荐答案

不幸的是，在ASP.NET Core 2.0启动之前的各种视频或教程中已经显示了基于HTTP的HTTPS的基于配置的设置方式.使其进入最终版本.

Unfortunately, the way of configuration-based way of setting up HTTPS that has been shown in various videos or tutorials before the launch of ASP.NET Core 2.0 didn’t make it into the final release.

对于2.0，配置HTTPS的唯一方法是在代码中，通过显式设置Kestrel侦听器，如在本公告中，并使用 ListenOptions.UseHttps 启用HTTPS:

For 2.0, the only way to configure HTTPS is in code, by explicitly setting up the Kestrel listeners, as explained in this announcement, and using ListenOptions.UseHttps to enable HTTPS:

var host = new WebHostBuilder() .UseKestrel(options => { options.ListenAnyIP(443, listenOptions => { listenOptions.UseHttps("server.pfx", "password"); }); }) .UseStartup<Startup>() .Build();

不幸的是，在发布之时，官方文档 并未对此进行适当介绍，并宣传了尚未实施的基于配置的方式. 此问题自此已得到解决.

Unfortunately, at the time of release, the official documentation also did not cover this properly and advertised the configuration-based way that wasn’t implemented. This has been fixed since.

从ASP.NET Core 2.1开始，可以按照最初的承诺进行基于配置的HTTPS设置.如 Tratcher on GitHub 所述，这可能看起来像这样:

Starting with ASP.NET Core 2.1, configuration based HTTPS setup will be possible, as originally promised. This will likely look like this, as explained by Tratcher on GitHub:

"Kestrel": { "Endpoints": { "HTTPS": { "Url": "*:443", "Certificate": { "Path": "server.pfx", "Password": "password" } } } }

在您的特定示例中，基于代码的配置如下所示.请注意，如果您不想使用证书文件，则需要先从证书存储中手动检索证书.

In your particular example, the code-based configuration would look like the following. Note that if you don’t want to use a certificate file, you need to manually retrieve the certificate from the certificate store first.

.UseKestrel(options => { // listen for HTTP options.ListenLocalhost(40000); // retrieve certificate from store using (var store = new X509Store(StoreName.My)) { store.Open(OpenFlags.ReadOnly); var certs = store.Certificates.Find(X509FindType.FindBySubjectName, "localhost", false); if (certs.Count > 0) { var certificate = certs[0]; // listen for HTTPS options.ListenLocalhost(40001, listenOptions => { listenOptions.UseHttps(certificate); }); } } })