HTTPS redirection for specific port only (listening on mixed ports) with KestrelConfigurable port number when using Kestrel?How to ASP.NET Core 1.0.1 API HTTPS with KestrelWhy Kestrel doesn't listen at specified port?Force Kestrel to specified portKestrel: get access to IP+port pair(s) it's listening onUsing Kestrel, Https with during development modeASP.NET Core 2.1 no HTTP/HTTPS redirection in App EngineHow to run asp.net core 2.1 release app at a specific port?Asp.net core 2.1 UseHttpsRedirection not working in IISWhy do I get a 502 when I attempt to access ELB DNS
Why can't I hear fret buzz through the amp?
Why didn't Doctor Strange restore Tony Stark after he used the Stones?
Real orthogonal and sign
Do Australia and New Zealand have a travel ban on Somalis (like Wikipedia says)?
Could a US citizen born through "birth tourism" become President?
May I use a railway velocipede on actively-used British railways?
Demographic consequences of closed loop reincarnation
Making a Dataset that emulates `ls -tlra`?
Brute-force the switchboard
How slow ( not zero) can a car engine run without hurting engine and saving on fuel
🍩🔔🔥Scrambled emoji tale⚛️🎶🛒 #2️⃣
How was Luke's prosthetic hand in Episode V filmed?
Align the contents of a numerical matrix when you have minus signs
Why isn't a binary file shown as 0s and 1s?
Inscriptio Labyrinthica
Who or what determines if a curse is valid or not?
How do you name this compound using IUPAC system (including steps)?
Proof that every field is perfect???
Why don't humans perceive waves as twice the frequency they are?
/bin/sh: 0: Can't open sh
Why do space operations use "nominal" to mean "working correctly"?
Is it legal for a supermarket to refuse to sell an adult beer if an adult with them doesn’t have their ID?
In this iconic lunar orbit rendezvous photo of John Houbolt, why do arrows #5 and #6 point the "wrong" way?
How much solution to fill Paterson Universal Tank when developing film?
HTTPS redirection for specific port only (listening on mixed ports) with Kestrel
Configurable port number when using Kestrel?How to ASP.NET Core 1.0.1 API HTTPS with KestrelWhy Kestrel doesn't listen at specified port?Force Kestrel to specified portKestrel: get access to IP+port pair(s) it's listening onUsing Kestrel, Https with during development modeASP.NET Core 2.1 no HTTP/HTTPS redirection in App EngineHow to run asp.net core 2.1 release app at a specific port?Asp.net core 2.1 UseHttpsRedirection not working in IISWhy do I get a 502 when I attempt to access ELB DNS
.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty margin-bottom:0;
Using .NET Core 2.1, C#, Kestrel.
This is going to be a weird request but:
I have an external URL of which requires to be HTTPS and an internal URL which is HTTP only.
I am wondering how I can redirect any traffic to HTTP on port 443 to HTTPS (staying on same port, 443); at the moment it stays on HTTP and dies a horrible death.
(Note: port 888 remains as HTTP and any traffic going to there needs to stay as insecure HTTP.)
I have it set up in Program.cs as so:
WebHost.CreateDefaultBuilder(args)
.UseStartup<Startup>()
.UseKestrel(options =>
options.Listen(IPAddress.Any, 443, opts=>
opts.UseHttps("mycert.pfx");
);
options.Listen(IPAddress.Any, 888);
)
.Build();
On Startup, I tried with Configure(IApplicationBuilder app...)
app.UseHttpsRedirection();
But this resulted in ALL traffic on both ports being redirected to HTTPS which is a problem for 888 as there is no SSL cert for it!
Is there any way to redirect from HTTP to HTTPS depending on port I specify it for?
Thanks
c# asp.net-core .net-core kestrel-http-server kestrel
asked Mar 26 at 10:40
QuestionerQuestioner
1591 silver badge18 bronze badges
add a comment |
Using .NET Core 2.1, C#, Kestrel.
This is going to be a weird request but:
I have an external URL of which requires to be HTTPS and an internal URL which is HTTP only.
I am wondering how I can redirect any traffic to HTTP on port 443 to HTTPS (staying on same port, 443); at the moment it stays on HTTP and dies a horrible death.
(Note: port 888 remains as HTTP and any traffic going to there needs to stay as insecure HTTP.)
I have it set up in Program.cs as so:
WebHost.CreateDefaultBuilder(args)
.UseStartup<Startup>()
.UseKestrel(options =>
options.Listen(IPAddress.Any, 443, opts=>
opts.UseHttps("mycert.pfx");
);
options.Listen(IPAddress.Any, 888);
)
.Build();
On Startup, I tried with Configure(IApplicationBuilder app...)
app.UseHttpsRedirection();
But this resulted in ALL traffic on both ports being redirected to HTTPS which is a problem for 888 as there is no SSL cert for it!
Is there any way to redirect from HTTP to HTTPS depending on port I specify it for?
Thanks
c# asp.net-core .net-core kestrel-http-server kestrel
asked Mar 26 at 10:40
QuestionerQuestioner
1591 silver badge18 bronze badges
add a comment |
Using .NET Core 2.1, C#, Kestrel.
This is going to be a weird request but:
I have an external URL of which requires to be HTTPS and an internal URL which is HTTP only.
I am wondering how I can redirect any traffic to HTTP on port 443 to HTTPS (staying on same port, 443); at the moment it stays on HTTP and dies a horrible death.
(Note: port 888 remains as HTTP and any traffic going to there needs to stay as insecure HTTP.)
I have it set up in Program.cs as so:
WebHost.CreateDefaultBuilder(args)
.UseStartup<Startup>()
.UseKestrel(options =>
options.Listen(IPAddress.Any, 443, opts=>
opts.UseHttps("mycert.pfx");
);
options.Listen(IPAddress.Any, 888);
)
.Build();
On Startup, I tried with Configure(IApplicationBuilder app...)
app.UseHttpsRedirection();
But this resulted in ALL traffic on both ports being redirected to HTTPS which is a problem for 888 as there is no SSL cert for it!
Is there any way to redirect from HTTP to HTTPS depending on port I specify it for?
Thanks
c# asp.net-core .net-core kestrel-http-server kestrel
asked Mar 26 at 10:40
QuestionerQuestioner
1591 silver badge18 bronze badges
Using .NET Core 2.1, C#, Kestrel.
This is going to be a weird request but:
I have an external URL of which requires to be HTTPS and an internal URL which is HTTP only.
I am wondering how I can redirect any traffic to HTTP on port 443 to HTTPS (staying on same port, 443); at the moment it stays on HTTP and dies a horrible death.
(Note: port 888 remains as HTTP and any traffic going to there needs to stay as insecure HTTP.)
I have it set up in Program.cs as so:
WebHost.CreateDefaultBuilder(args)
.UseStartup<Startup>()
.UseKestrel(options =>
options.Listen(IPAddress.Any, 443, opts=>
opts.UseHttps("mycert.pfx");
);
options.Listen(IPAddress.Any, 888);
)
.Build();
On Startup, I tried with Configure(IApplicationBuilder app...)
app.UseHttpsRedirection();
But this resulted in ALL traffic on both ports being redirected to HTTPS which is a problem for 888 as there is no SSL cert for it!
Is there any way to redirect from HTTP to HTTPS depending on port I specify it for?
Thanks
c# asp.net-core .net-core kestrel-http-server kestrel
c# asp.net-core .net-core kestrel-http-server kestrel
asked Mar 26 at 10:40
QuestionerQuestioner
1591 silver badge18 bronze badges
asked Mar 26 at 10:40
QuestionerQuestioner
1591 silver badge18 bronze badges
asked Mar 26 at 10:40
QuestionerQuestioner
1591 silver badge18 bronze badges
asked Mar 26 at 10:40
QuestionerQuestioner
1591 silver badge18 bronze badges
asked Mar 26 at 10:40
QuestionerQuestioner
1591 silver badge18 bronze badges
1591 silver badge18 bronze badges
add a comment |
add a comment |
1 Answer
1
active
oldest
votes
The middleware pipeline by default runs regardless of what endpoint is used to reach your application. So if you just do app.UseHttpsRedirection(), then the HTTPS redirection middleware will run for all your public endpoints.
There is a mechanism using UseWhen that allows you to set up a conditional middleware pipeline, when middleware is only added in certain conditions. This would look like this:
app.UseWhen(context => context.Request.Port == 888, httpApp =>
httpApp.UseHttpsRedirection();
);
However, in your situation, this won’t help: The problem is that on a single port, you can only ever host a single thing. So if you want to host your application with HTTPS on port 443, then it will only accept HTTPS there. If you try to connect using unsecure HTTP, then it will fail because it cannot perform the necessary handshake.
What you would want to do here is host both HTTP and HTTPS on the same port but that simply does not work since there isn’t a mechanism to figure out whether a client wants to do HTTP or HTTPS before they are actually already attempted to establish either.
So no, you cannot redirect HTTP on port 443 to HTTPS on port 443.
answered Mar 26 at 10:50
pokepoke
228k50 gold badges355 silver badges421 bronze badges
Hero <3 Now that you explain it, it makes sense. Want I am trying to avoid is a client going to HTTP (443) when really they should be using HTTPS (443).
– Questioner
Mar 26 at 11:27
add a comment |
Your Answer
StackExchange.ifUsing("editor", function ()
StackExchange.using("externalEditor", function ()
StackExchange.using("snippets", function ()
StackExchange.snippets.init();
);
);
, "code-snippets");
StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "1"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);
else
createEditor();
);
function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);
);
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f55355111%2fhttps-redirection-for-specific-port-only-listening-on-mixed-ports-with-kestrel%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
The middleware pipeline by default runs regardless of what endpoint is used to reach your application. So if you just do app.UseHttpsRedirection(), then the HTTPS redirection middleware will run for all your public endpoints.
There is a mechanism using UseWhen that allows you to set up a conditional middleware pipeline, when middleware is only added in certain conditions. This would look like this:
app.UseWhen(context => context.Request.Port == 888, httpApp =>
httpApp.UseHttpsRedirection();
);
However, in your situation, this won’t help: The problem is that on a single port, you can only ever host a single thing. So if you want to host your application with HTTPS on port 443, then it will only accept HTTPS there. If you try to connect using unsecure HTTP, then it will fail because it cannot perform the necessary handshake.
What you would want to do here is host both HTTP and HTTPS on the same port but that simply does not work since there isn’t a mechanism to figure out whether a client wants to do HTTP or HTTPS before they are actually already attempted to establish either.
So no, you cannot redirect HTTP on port 443 to HTTPS on port 443.
answered Mar 26 at 10:50
pokepoke
228k50 gold badges355 silver badges421 bronze badges
Hero <3 Now that you explain it, it makes sense. Want I am trying to avoid is a client going to HTTP (443) when really they should be using HTTPS (443).
– Questioner
Mar 26 at 11:27
add a comment |
The middleware pipeline by default runs regardless of what endpoint is used to reach your application. So if you just do app.UseHttpsRedirection(), then the HTTPS redirection middleware will run for all your public endpoints.
There is a mechanism using UseWhen that allows you to set up a conditional middleware pipeline, when middleware is only added in certain conditions. This would look like this:
app.UseWhen(context => context.Request.Port == 888, httpApp =>
httpApp.UseHttpsRedirection();
);
However, in your situation, this won’t help: The problem is that on a single port, you can only ever host a single thing. So if you want to host your application with HTTPS on port 443, then it will only accept HTTPS there. If you try to connect using unsecure HTTP, then it will fail because it cannot perform the necessary handshake.
What you would want to do here is host both HTTP and HTTPS on the same port but that simply does not work since there isn’t a mechanism to figure out whether a client wants to do HTTP or HTTPS before they are actually already attempted to establish either.
So no, you cannot redirect HTTP on port 443 to HTTPS on port 443.
answered Mar 26 at 10:50
pokepoke
228k50 gold badges355 silver badges421 bronze badges
Hero <3 Now that you explain it, it makes sense. Want I am trying to avoid is a client going to HTTP (443) when really they should be using HTTPS (443).
– Questioner
Mar 26 at 11:27
add a comment |
The middleware pipeline by default runs regardless of what endpoint is used to reach your application. So if you just do app.UseHttpsRedirection(), then the HTTPS redirection middleware will run for all your public endpoints.
There is a mechanism using UseWhen that allows you to set up a conditional middleware pipeline, when middleware is only added in certain conditions. This would look like this:
app.UseWhen(context => context.Request.Port == 888, httpApp =>
httpApp.UseHttpsRedirection();
);
However, in your situation, this won’t help: The problem is that on a single port, you can only ever host a single thing. So if you want to host your application with HTTPS on port 443, then it will only accept HTTPS there. If you try to connect using unsecure HTTP, then it will fail because it cannot perform the necessary handshake.
What you would want to do here is host both HTTP and HTTPS on the same port but that simply does not work since there isn’t a mechanism to figure out whether a client wants to do HTTP or HTTPS before they are actually already attempted to establish either.
So no, you cannot redirect HTTP on port 443 to HTTPS on port 443.
answered Mar 26 at 10:50
pokepoke
228k50 gold badges355 silver badges421 bronze badges
The middleware pipeline by default runs regardless of what endpoint is used to reach your application. So if you just do app.UseHttpsRedirection(), then the HTTPS redirection middleware will run for all your public endpoints.
There is a mechanism using UseWhen that allows you to set up a conditional middleware pipeline, when middleware is only added in certain conditions. This would look like this:
app.UseWhen(context => context.Request.Port == 888, httpApp =>
httpApp.UseHttpsRedirection();
);
However, in your situation, this won’t help: The problem is that on a single port, you can only ever host a single thing. So if you want to host your application with HTTPS on port 443, then it will only accept HTTPS there. If you try to connect using unsecure HTTP, then it will fail because it cannot perform the necessary handshake.
What you would want to do here is host both HTTP and HTTPS on the same port but that simply does not work since there isn’t a mechanism to figure out whether a client wants to do HTTP or HTTPS before they are actually already attempted to establish either.
So no, you cannot redirect HTTP on port 443 to HTTPS on port 443.
answered Mar 26 at 10:50
pokepoke
228k50 gold badges355 silver badges421 bronze badges
answered Mar 26 at 10:50
pokepoke
228k50 gold badges355 silver badges421 bronze badges
answered Mar 26 at 10:50
pokepoke
228k50 gold badges355 silver badges421 bronze badges
answered Mar 26 at 10:50
pokepoke
228k50 gold badges355 silver badges421 bronze badges
228k50 gold badges355 silver badges421 bronze badges
Hero <3 Now that you explain it, it makes sense. Want I am trying to avoid is a client going to HTTP (443) when really they should be using HTTPS (443).
– Questioner
Mar 26 at 11:27
add a comment |
Hero <3 Now that you explain it, it makes sense. Want I am trying to avoid is a client going to HTTP (443) when really they should be using HTTPS (443).
– Questioner
Mar 26 at 11:27
Hero <3 Now that you explain it, it makes sense. Want I am trying to avoid is a client going to HTTP (443) when really they should be using HTTPS (443).
– Questioner
Mar 26 at 11:27
Hero <3 Now that you explain it, it makes sense. Want I am trying to avoid is a client going to HTTP (443) when really they should be using HTTPS (443).
– Questioner
Mar 26 at 11:27
add a comment |
Got a question that you can’t ask on public Stack Overflow? Learn more about sharing private information with Stack Overflow for Teams.
Got a question that you can’t ask on public Stack Overflow? Learn more about sharing private information with Stack Overflow for Teams.
Thanks for contributing an answer to Stack Overflow!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f55355111%2fhttps-redirection-for-specific-port-only-listening-on-mixed-ports-with-kestrel%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
