问题
I have created an sample ASP.NET Core application using command line:
dotnet new
and tried to run it utilizing command:
dotnet run
But, when opening the URL in the browser, it complains that the SSL is invalid.
I can run the program using Visual Studio full version without any problem, but can not run it using command line:
dotnet run
Seems that Kestrel which is run by command dotnet run needs extra configurations.
Now, the question is how can I run my ASP.NET Core application over https using Kestrel?
I'm on Dot Net Core 2.2 and Visual Studio 2019
回答1:
When you run ASP.NET Core in development mode using dotnet run, or from within Visual Studio, then there is already built-in support for a development certificate that allows you to develop right away with HTTPS support.
The development certificate is built-in with the .NET Core SDK and usually it should set it self up when you run the .NET Core SDK for the first time. If that did not work or if you lost the development certificate for some reason, then you can always install it later using the following command:
dotnet dev-certs https --trust
This part is also described in the “Enforcing SSL” chapter of the official documentation.
Note that the development certicate only applies during development and of course you will need to set up a proper certificate for production later. How that works of course depends on how you are going to host the application later. The different options and how to configure SSL is covered in the hosting chapter.
回答2:
It seems that IIS Express does some works behinds the scense which include configuration of a SSL certification. So, I concentrated on ASP.NET Core's internal hosting component which is Kestrel.
Firstly, I created and SSL certificate using PowerShell by help of this command:
New-SelfSignedCertificate -DnsName localhost -CertStoreLocation "cert:\LocalMachine\My"
This command creats a certification which I can see it through management console / certificates program. For more information see this. After creating a new certificate, you are required to export it as a pfx file. To do so in the management console use follwing steps:
- Add
Certificatessnap-in to the management console. - Navigate through
Personal\Certifcates - Right click on your newly created certificate and, from "all tasks", select "export"
- Select the option which says: "Yes, export the private key"
- You'll see that the
pfxis automatically selected. Click "Next" - Set a password and saving location.
- You are done with creating a pfx file
Next step is to configure ASP.NET Core to use the pfx file which is described here:
public static IWebHost BuildWebHost(string[] args) => WebHost.CreateDefaultBuilder(args) .UseStartup < Startup > () .UseKestrel((hostingContext, options) => { if (hostingContext.HostingEnvironment.IsDevelopment) { options.Listen(IPAddress.Loopback, 9001); options.Listen(IPAddress.Loopback, 9002, listenOptions => { listenOptions.UseHttps("certificate.pfx", "password"); }); } }) .Build();
Now, the problem should be resolved. If not, try the certificate which is created by the IIS Express. This is also available in management console.
来源:https://stackoverflow.com/questions/56974302/self-hosted-asp-net-core-app-does-not-work-with-ssl