为ASP.NetCore程序启用SSL
来源:互联网 发布:积分商城软件文档 编辑:程序博客网 时间:2024/06/07 14:13
由于ASP.NetCore默认服务器Kestrel不像iis Express那样会自动生成本地证书,所以就需要手动构建pfx证书.
生成pfx证书
开发环境证书就用iis默认的本地证书即可,Cortana搜索:IIS,出现以下结果点击
进入管理器:点击服务器证书选项
选中以下本地默认证书后右键导出,指定路径和密码点击确认.
修改Program中BuildWebHost以增加SSL支持
第一种方案:
using System;using System.Collections.Generic;using System.IO;using System.Linq;using System.Threading.Tasks;using Microsoft.AspNetCore;using Microsoft.AspNetCore.Hosting;using Microsoft.Extensions.Configuration;using Microsoft.Extensions.Logging;using System.Net;namespace ASP.Net_Core_API{ public class Program { public static void Main(string[] args) { BuildWebHost(args).Run(); } public static IWebHost BuildWebHost(string[] args) => WebHost.CreateDefaultBuilder(args) .UseStartup<Startup>() .UseKestrel(options =>//设置Kestrel服务器 { options.Listen(IPAddress.Loopback, 5001, listenOptions => {
//填入之前iis中生成的pfx文件路径和指定的密码
listenOptions.UseHttps("D:\\DotNetCore\\ASP.Net Core API\\wwwroot\\dontCore.pfx", "111111");
});
})
.Build();
}
}
此种方案无需更改其他代码即可生效,点击运行
可看到已监听指定的端口5001,浏览器输入https://127.0.0.1:5001/api/values,可看到已启用ssl
第二种方案:同时支持http和https请求(基于appsettings.json配置)
由于上一种方案只支持https请求,但实际生产也需要http请求
实现核心代码:
Program:
using System;using System.Collections.Generic;using System.IO;using System.Linq;using System.Threading.Tasks;using Microsoft.AspNetCore;using Microsoft.AspNetCore.Hosting;using Microsoft.Extensions.Configuration;using Microsoft.Extensions.Logging;using System.Net;namespace ASP.Net_Core_API{ public class Program { public static void Main(string[] args) { BuildWebHost(args).Run(); } public static IWebHost BuildWebHost(string[] args) => WebHost.CreateDefaultBuilder(args) .UseStartup<Startup>() .UseKestrel(SetHost)//启用Kestrel .Build(); /// <summary> /// 配置Kestrel /// </summary> /// <param name="options"></param> private static void SetHost(Microsoft.AspNetCore.Server.Kestrel.Core.KestrelServerOptions options) { var configuration = (IConfiguration)options.ApplicationServices.GetService(typeof(IConfiguration)); var host = configuration.GetSection("RafHost").Get<Host>();//依据Host类反序列化appsettings.json中指定节点 foreach (var endpointKvp in host.Endpoints) { var endpointName = endpointKvp.Key; var endpoint = endpointKvp.Value;//获取appsettings.json的相关配置信息 if (!endpoint.IsEnabled) { continue; } var address = IPAddress.Parse(endpoint.Address); options.Listen(address, endpoint.Port, opt => { if (endpoint.Certificate != null)//证书不为空使用UserHttps { switch (endpoint.Certificate.Source) { case "File": opt.UseHttps(endpoint.Certificate.Path, endpoint.Certificate.Password); break; default: throw new NotImplementedException($"文件 {endpoint.Certificate.Source}还没有实现"); } //opt.UseConnectionLogging(); } }); options.UseSystemd(); } } } /// <summary> /// 待反序列化节点 /// </summary> public class Host { /// <summary> /// appsettings.json字典 /// </summary> public Dictionary<string, Endpoint> Endpoints { get; set; } } /// <summary> /// 终结点 /// </summary> public class Endpoint { /// <summary> /// 是否启用 /// </summary> public bool IsEnabled { get; set; } /// <summary> /// ip地址 /// </summary> public string Address { get; set; } /// <summary> /// 端口号 /// </summary> public int Port { get; set; } /// <summary> /// 证书 /// </summary> public Certificate Certificate { get; set; } } /// <summary> /// 证书类 /// </summary> public class Certificate { /// <summary> /// 源 /// </summary> public string Source { get; set; } /// <summary> /// 证书路径() /// </summary> public string Path { get; set; } /// <summary> /// 证书密钥 /// </summary> public string Password { get; set; } }}
appsettings.json
{ "ConnectionStrings": { "MySqlConnection": "Server=localhost;database=NetCore_WebAPI-Mysql;uid=root;pwd=111111;" }, "Logging": { "IncludeScopes": false, "Debug": { "LogLevel": { "Default": "Warning" } }, "Console": { "LogLevel": { "Default": "Warning" } } },
//以下为Kestrel配置信息,同时支持https和HTTP "RafHost": { "Endpoints": { "Http": { "IsEnabled": true, "Address": "127.0.0.1", "Port": "5000" }, "Https": { "IsEnabled": true, "Address": "127.0.0.1", "Port": "5443", "Certificate": { "Source": "File", "Path": "D:\\DotNetCore\\ASP.Net Core API\\wwwroot\\dontCore.pfx", "Password": "111111" } } } }}
点击运行会发现控制台出现监听两个端口的提示,一个支持https一个支持http
浏览器输入http://127.0.0.1:5000/api/values
http请求运行正常
再输入https://127.0.0.1:5443/api/values
https运行正常
阅读全文
0 0
- 为ASP.NetCore程序启用SSL
- 为WEB站点启用SSL
- 为 PHP 的 socket 启用 SSL 支持
- 第一个.NetCore 2.0程序
- netcore
- 为IIS启用ASP.NET 2.0
- log4net 使用笔记(asp.netcore)
- AutoMapper在asp.netcore中的使用
- 第一次在linux下运行.netcore程序
- 27.1.2 启用SSL
- IIS启用SSL
- apache 虚拟主机启用SSL
- Apache https(SSL)启用
- tomcat启用ssl
- 启用TOMCAT的SSL
- tomcat启用ssl
- Apache启用SSL
- 【dashboard】horizon启用ssl
- html5之div居中
- 深入理解计算机系统(3.4)------算术和逻辑操作
- cmd命令行查看configServer中的配置文件
- ArrayList动态数组
- 批处理文件 Android Studio 连接夜神模拟器
- 为ASP.NetCore程序启用SSL
- Https系列之三:让服务器同时支持http、https,基于spring boot
- Java学习笔记(38)--包装类
- session
- Intent的用法(1)
- (SSL证书)apache添加https
- 八大排序算法代码C
- 再起航,我的学习笔记之JavaScript设计模式26(解释器模式)
- C++11获取线程的返回值