Deploying HTTPS and kestrelhttps in ASP. NET Core Kestrel

Deploying HTTPS and kestrelhttps in ASP. NET Core Kestrel

ASP. NET Core: Configure Kestrel to deploy HTTPS. Now, HTTPS has been deployed on most websites, and everyone is paying more and more attention to security.

Today, we will briefly introduce how to deploy HTTPS in ASP. NET Core by configuring Kestrel. You can also deploy HTTPS through pre-Nginx.

Next, go to the topic.

Create a project and add reference

Create an ASP. NET Core Web Application Template and select null.

Create a project and add Microsoft. AspNetCore. Server. Kestrel. Https.

Install-Package Microsoft.AspNetCore.Server.Kestrel.Https

If your. NET Core SDK is still 1.0, add the Version Install-Package Microsoft. AspNetCore. Server. Kestrel. Https-Version 1.0.0 to the reference.

Generate Certificate

Generate a certificate using OpenSSL

You must first install OpenSSL.

First, create your own root certificate root and make your own CA, that is, the issuer.

Openssl genrsa-des3-out root. key

Enter the password as prompted.

Openssl req-new-key root. key-out root. csr

Enter the password you just set and enter some information

Then create a 10-year root certificate root. crt

Openssl x509-req-days 3650-sha1-extensions v3_ca-signkey root. key-in root. csr-out root. crt

Create a server certificate

openssl genrsa -des3 -out server.key 2048
openssl req -new -key server.key -out server.req
openssl x509 -req -days 730 -sha1 -extensions v3_req -CA root.crt -CAkey root.key -CAserial root.srl -CAcreateserial -in server.csr -out server.crt

openssl pkcs12 -export -in server.crt -inkey server.key -out server.pfx

 

The final server. pfx can be used to configure HTTPS.

Copy server. pfx to the project root directory.

 

Then open Program. cs and change the Code as follows:

    public class Program    {        public static void Main(string[] args)        {            var host = new WebHostBuilder()                .UseKestrel(option=> {                    option.UseHttps("server.pfx", "linezero");                })                .UseUrls("https://*:443")                .UseContentRoot(Directory.GetCurrentDirectory())                .UseIISIntegration()                .UseStartup<Startup>()                .Build();            host.Run();        }    }

 

Then choose to run with Kestrel.

Open your browser and enter https: // localhost/

 

Because the certificate is generated by yourself, the red mark is displayed, that is, the certificate is not verified.

Download the test certificate: server. pfx

 

If you think this article is helpful to you, click"Recommendation", Thank you.