最近要做一个项目,正逢ASP.Net Core 1.0版本的正式发布。由于现代互联网的安全要求,HTTPS加密通讯已成主流,所以就有了这个方案。
本方案启发于一个旧版的解决方案:
ASP.NET Core 1.0 部署 HTTPS (.NET Framework 4.5.1)
在反复搜索官方文档并反复尝试以后得出以下解决方案
在project.json 中,添加引用 Microsoft.AspNetCore.Server.Kestrel.Https
{ "dependencies": { //跨平台引用 //"Microsoft.NETCore.App": { // "version": "1.0.0", // "type": "platform" //}, "Microsoft.AspNetCore.Diagnostics": "1.0.0", "Microsoft.AspNetCore.Mvc": "1.0.0", "Microsoft.AspNetCore.Razor.Tools": { "version": "1.0.0-preview2-final", "type": "build" }, "Microsoft.AspNetCore.Server.IISIntegration": "1.0.0", "Microsoft.AspNetCore.Server.Kestrel": "1.0.0", "Microsoft.AspNetCore.Server.Kestrel.Https": "1.0.0", "Microsoft.AspNetCore.StaticFiles": "1.0.0", "Microsoft.Extensions.Configuration.EnvironmentVariables": "1.0.0", "Microsoft.Extensions.Configuration.Json": "1.0.0", "Microsoft.Extensions.Logging": "1.0.0", "Microsoft.Extensions.Logging.Console": "1.0.0", "Microsoft.Extensions.Logging.Debug": "1.0.0", "Microsoft.Extensions.Options.ConfigurationExtensions": "1.0.0", "Microsoft.VisualStudio.Web.BrowserLink.Loader": "14.0.0" }, "tools": { "BundlerMinifier.Core": "2.0.238", "Microsoft.AspNetCore.Razor.Tools": "1.0.0-preview2-final", "Microsoft.AspNetCore.Server.IISIntegration.Tools": "1.0.0-preview2-final" }, "frameworks": { //跨平台引用 //"netcoreapp1.0": { // "imports": [ // "dotnet5.6", // "portable-net45+win8" // ] //} //Windows平台通用化引用 "net452": {} }, "buildOptions": { "emitEntryPoint": true, "preserveCompilationContext": true }, "runtimeOptions": { "configProperties": { "System.GC.Server": true } }, "publishOptions": { "include": [ "wwwroot", "Views", "Areas/**/Views", "appsettings.json", "web.config" ], "exclude": [ "wwwroot/lib" ] }, "scripts": { "prepublish": [ "bower install", "dotnet bundle" ], "postpublish": [ "dotnet publish-iis --publish-folder %publish:OutputPath% --framework %publish:FullTargetFramework%" ] } }
在Program.cs中,增加HTTPS访问端口绑定
using System; using System.Collections.Generic; using System.IO; using System.Linq; using System.Threading.Tasks; using Microsoft.AspNetCore.Hosting; namespace Demo { public class Program { public static void Main(string[] args) { var host = new WebHostBuilder() .UseKestrel() .UseUrls("http://*", "https://*") .UseContentRoot(Directory.GetCurrentDirectory()) .UseIISIntegration() .UseStartup<Startup>() .Build(); host.Run(); } } }
在 Startup.cs 文件中,启用HTTPS访问并配置证书路径及密码
using System; using System.Collections.Generic; using System.Linq; using System.Threading.Tasks; using Microsoft.AspNetCore.Builder; using Microsoft.AspNetCore.Hosting; using Microsoft.Extensions.Configuration; using Microsoft.Extensions.DependencyInjection; using Microsoft.Extensions.Logging; using System.IO; using Microsoft.AspNetCore.Http; namespace Demo { public class Startup { public Startup(IHostingEnvironment env) { var builder = new ConfigurationBuilder() .SetBasePath(env.ContentRootPath) .AddJsonFile("appsettings.json", optional: true, reloadOnChange: true) .AddJsonFile($"appsettings.{env.EnvironmentName}.json", optional: true) .AddEnvironmentVariables(); Configuration = builder.Build(); } public IConfigurationRoot Configuration { get; } // This method gets called by the runtime. Use this method to add services to the container. public void ConfigureServices(IServiceCollection services) { // Add framework services. services.AddMvc(); services.Configure<Microsoft.AspNetCore.Server.Kestrel.KestrelServerOptions>(option => { option.UseHttps(Path.Combine(new DirectoryInfo(Directory.GetCurrentDirectory()).FullName, "cret.pfx"), "pw"); }); } // This method gets called by the runtime. Use this method to configure the HTTP request pipeline. public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory) { loggerFactory.AddConsole(Configuration.GetSection("Logging")); loggerFactory.AddDebug(); if (env.IsDevelopment()) { app.UseDeveloperExceptionPage(); app.UseBrowserLink(); } else { app.UseExceptionHandler("/Home/Error"); } app.UseStaticFiles(); app.UseMvc(routes => { routes.MapRoute( name: "default", template: "{controller=App}/{action=Index}/{id?}"); }); //https://docs.asp.net/en/latest/security/cors.html?highlight=https app.UseCors(builder =>builder.WithOrigins("https://*").AllowAnyHeader()); app.Run(run => { return run.Response.WriteAsync("Test"); }); } } }