c# - How to enable fully working HTTPS for .NET Core WebApp on Debian with nginx?
问题描述
I'd want to encrypt traffic to my webapp via HTTPS but I'm struggling with it on Debian
Of course there's guide at Microsoft's site: https://docs.microsoft.com/en-US/aspnet/core/security/enforcing-ssl?view=aspnetcore-2.1&tabs=visual-studio
but... is not that just redirection?
This document shows how to:
Require HTTPS for all requests.
Redirect all HTTP requests to HTT
How can I create those .pfx files or whatever else I need to add HTTPs to my webapp?
解决方案
I recommend to use nginx
as reverse proxy for your web application. In this case you won't need to modify your app code, you will be able to modify your HTTPS
settings without any modifications in web app. Steps:
1) Setup your website, for example it will use port 5000
2) Install nginx
and create basic config like this one:
worker_processes 4;
events { worker_connections 1024; }
http {
sendfile on;
upstream app_servers {
server web:5000;
}
server {
server_name your_server_name_here.com;
listen 80;
location / {
proxy_pass http://app_servers;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
}
}
}
Read more about configuration here.
3) Use letsencrypt for obtaining free HTTPS
certificates via certbot. It will do all job for working with certs and will modify your nginx
config automatically
Also I suggest to use Docker - it will help you to separate code and proxy better.
推荐阅读
- python - 如何在 shell_exec 运行 Python 脚本之前检查 CPU 使用率?或者替代排队方法来防止服务器过载?
- docker - 尝试从 docker 容器访问共享内存时出现“权限被拒绝”,即使 --ipc 设置为“主机”
- javascript - 将 Vue 属性绑定到异步值
- java - 使用 group by 休息命名约定
- ruby-on-rails - Ruby on Rails 中的多对多关系,无法使用多选字段创建多条记录
- elixir - 有没有办法在 Elixir 中将函数体作为字符串获取?
- git - 我如何在 docker 上运行 jenkins、maven 和 git:windows
- python - 带有 oracle 的 pandas df.to_sql 返回 ORA-01008:并非所有变量都绑定
- c# - 具有基本方向的二维阵列运动
- python - 使用多重继承时如何调用第二个超级方法?