How to setup Https on Kestrel

February 12, 2016 by Anuraj Estimated read time : 2 mins

ASP.NET5 ASP.NET Core HTTPS Kestrel

This post is about setup Https on Kestrel. Kestrel is a cross-platform web server based on libuv, a cross-platform asynchronous I/O library. Kestrel is open-source, and you can view the Kestrel source on GitHub. Kestrel is a great option to at least include support for in your ASP.NET 5 projects so that your project can be easily run by developers on any of the supported platforms.

To setup https, first you need SSL certificates, for demo purposes you can create self signed certificates from IIS. (IIS < Server certificates < And select the Create Self Signed certificate. You need to provide friendly name for the certificate, and store. Once it created, you can export the certificate to get the pfx file.

Now you can modify the project.json file to add the reference of Kestrel.Https nuget package.

"dependencies": {
    "Microsoft.AspNet.Server.Kestrel": "1.0.0-rc1-final",
    "Microsoft.AspNet.IISPlatformHandler": "1.0.0-rc1-final",
    "Microsoft.AspNet.Diagnostics": "1.0.0-rc1-final",
    "Microsoft.AspNet.Mvc": "6.0.0-rc1-final",
    "Microsoft.Extensions.Logging.Console": "1.0.0-rc1-final",
    "Microsoft.AspNet.Server.Kestrel.Https": "1.0.0-rc1-final"
}

Now you need to modify the startup file, configure() method to use certificate.

public void Configure(IApplicationBuilder app,
    IHostingEnvironment env,
    IApplicationEnvironment appEnv,
    ILoggerFactory loggerFactory)
{
    loggerFactory.AddConsole();
    var pfxFile = Path.Combine(appEnv.ApplicationBasePath, "Sample.pfx");
    X509Certificate2 certificate = new X509Certificate2(pfxFile, "Password");
    app.Use(ChangeContextToHttps);
    app.UseKestrelHttps(certificate);
    app.UseDeveloperExceptionPage();
    app.UseMvcWithDefaultRoute();
}

Don’t hard code you’re certificate password in the code, use secrets API instead.

The following method is a word around for 454 defect. It is fixed in RC2.

private static RequestDelegate ChangeContextToHttps(RequestDelegate next)
{
    return async context =>
    {
        context.Request.Scheme = "https";
        await next(context);
    };
}

Now you need to modify the project.json, to change the URL.

"commands": {
    "web": "Microsoft.AspNet.Server.Kestrel --server.urls https://*:5004"
}

You need to remove “dnxcore50” from the frameworks, because Kestrel.Https is not supported in dnxcore. Now you can browse the URL with https.

Happy Programming :)