TL; DR今天用ASP.NET Core 2.0设置HTTPS的正确方法是什么?
TL;DR What is today the correct way to setup HTTPS with ASP.NET Core 2.0?
我希望将我的项目配置为使用https和证书,如建于2017年.我尝试了几种设置,但没有任何效果.经过一番研究,我更加困惑.似乎有很多方法可以配置URL和端口…通过代码可以看到appsettings.json,hosting.json,并且在launchsettings.json中我们还可以设置URL和端口.
I would like to configure my project to use https and a certificate like they have shown at BUILD 2017. I have tried several settings but nothing worked. After some research, I am even more confused. It seems that there are many ways to configure URLs and ports… I have seen appsettings.json, hosting.json, via code, and in launchsettings.json we can also set the URL and port.
有没有一种标准"的方式来做到这一点?
Is there a "standard" way to do it?
这是我的appsettings.development.json
{ "Kestrel": { "Endpoints": { "Localhost": { "Address": "127.0.0.1", "Port": "40000" }, "LocalhostWithHttps": { "Address": "127.0.0.1", "Port": "40001", "Certificate": { "HTTPS": { "Source": "Store", "StoreLocation": "LocalMachine", "StoreName": "My", "Subject": "CN=localhost", "AllowInvalid": true } } } } } }但是当我使用dotnet run从命令行启动时,或者当我使用Visual Studio中的调试器启动时,它总是从launchsettings.json中获取url和端口.
But it always takes the url and the port from launchsettings.json when I start from the command line with dotnet run or when I start with the debugger from Visual Studio.
这是我的Program.cs和Startup.cs
public class Program { public static void Main(string[] args) { BuildWebHost(args).Run(); } public static IWebHost BuildWebHost(string[] args) => WebHost.CreateDefaultBuilder(args) .UseStartup<Startup>() .Build(); } public class Startup { public IConfiguration Configuration { get; } public string Authority { get; set; } = "Authority"; public string ClientId { get; set; } = "ClientId"; public Startup(IConfiguration configuration) { Configuration = configuration; } public void ConfigureServices(IServiceCollection services) { services.Configure<MvcOptions>(options => options.Filters.Add(new RequireHttpsAttribute())); JsonConvert.DefaultSettings = () => new JsonSerializerSettings() { NullValueHandling = NullValueHandling.Ignore }; services.AddSingleton<IRepository, AzureSqlRepository>(x => new AzureSqlRepository(Configuration.GetConnectionString("DefaultConnection"))); services.AddSingleton<ISearchSplitService, SearchSplitService>(); services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme) .AddJwtBearer(options => new JwtBearerOptions { Authority = this.Authority, Audience = this.ClientId }); services.AddMvc(); } public void Configure(IApplicationBuilder app, IHostingEnvironment env) { if (env.IsDevelopment()) { app.UseDeveloperExceptionPage(); app.UseWebpackDevMiddleware(new WebpackDevMiddlewareOptions() { HotModuleReplacement = true, ReactHotModuleReplacement = true, HotModuleReplacementEndpoint = "/dist/__webpack_hmr" }); } app.UseStaticFiles(); app.UseAuthentication(); app.UseMvc(routes => { routes.MapRoute( name: "default", template: "{controller=Home}/{id?}"); routes.MapSpaFallbackRoute( name: "spa-fallback", defaults: new { controller = "Home", action = "Index" }); }); } }正如我所说,我无法使其在任何场合都可以正常工作.今天用ASP.NET Core 2.0设置HTTPS的正确方法是什么?
As I have said, I was not able to get it working in any constallation. What is today the correct way to setup HTTPS with ASP.NET Core 2.0?
推荐答案不幸的是,在ASP.NET Core 2.0启动之前的各种视频或教程中已经显示了基于HTTP的HTTPS的基于配置的设置方式.使其进入最终版本.
Unfortunately, the way of configuration-based way of setting up HTTPS that has been shown in various videos or tutorials before the launch of ASP.NET Core 2.0 didn’t make it into the final release.
对于2.0,配置HTTPS的唯一方法是在代码中,通过显式设置Kestrel侦听器,如在本公告中,并使用 ListenOptions.UseHttps 启用HTTPS:
For 2.0, the only way to configure HTTPS is in code, by explicitly setting up the Kestrel listeners, as explained in this announcement, and using ListenOptions.UseHttps to enable HTTPS:
var host = new WebHostBuilder() .UseKestrel(options => { options.ListenAnyIP(443, listenOptions => { listenOptions.UseHttps("server.pfx", "password"); }); }) .UseStartup<Startup>() .Build();不幸的是,在发布之时,官方文档 并未对此进行适当介绍,并宣传了尚未实施的基于配置的方式. 此问题自此已得到解决.
Unfortunately, at the time of release, the official documentation also did not cover this properly and advertised the configuration-based way that wasn’t implemented. This has been fixed since.
从ASP.NET Core 2.1开始,可以按照最初的承诺进行基于配置的HTTPS设置.如 Tratcher on GitHub 所述,这可能看起来像这样:
Starting with ASP.NET Core 2.1, configuration based HTTPS setup will be possible, as originally promised. This will likely look like this, as explained by Tratcher on GitHub:
"Kestrel": { "Endpoints": { "HTTPS": { "Url": "*:443", "Certificate": { "Path": "server.pfx", "Password": "password" } } } }
在您的特定示例中,基于代码的配置如下所示.请注意,如果您不想使用证书文件,则需要先从证书存储中手动检索证书.
In your particular example, the code-based configuration would look like the following. Note that if you don’t want to use a certificate file, you need to manually retrieve the certificate from the certificate store first.
.UseKestrel(options => { // listen for HTTP options.ListenLocalhost(40000); // retrieve certificate from store using (var store = new X509Store(StoreName.My)) { store.Open(OpenFlags.ReadOnly); var certs = store.Certificates.Find(X509FindType.FindBySubjectName, "localhost", false); if (certs.Count > 0) { var certificate = certs[0]; // listen for HTTPS options.ListenLocalhost(40001, listenOptions => { listenOptions.UseHttps(certificate); }); } } })更多推荐
为HTTPS配置ASP.NET Core 2.0 Kestrel
发布评论