So I started working with asp.net core on my computer running arch linux. When I was on mac, to get dev-certs to work, I would run dotnet dev-certs https --trust in terminal to setup dev certs. This only works on osx and windows. To try and get the certificates working I tried to do the following things:
https://github.com/amadoa/dotnet-devcert-linux
https://bbs.archlinux.org/viewtopic.php?id=251330
These two solutions unfortunately did not work for me. Fortunately I found a workaround by allowing non secure connections over localhost in my browse, but I'm still wondering if anyone knows how to setup dev certs in arch linux?
Related
I am deploying my API (ASP.NET Core 3.1) to a server and I am listening on https url only:
return WebHost.CreateDefaultBuilder(args)
.UseStartup<Startup>()
.UseUrls("http://*:5000;https://*:5001");
But I am getting and error:
crit: Microsoft.AspNetCore.Server.Kestrel[0]
Unable to start Kestrel.
System.InvalidOperationException: Unable to configure HTTPS endpoint. No server certificate was specified, and the default developer certificate could not be found or is out of date.
In deployement, you make your self-signed ceritifate with:
...
dotnet dev-certs https --trust
...
But I cannot use it ofcourse because I have only runtime .Net Core and not SDK and it should be deployed app.
I have certificate file and key ssl.crt and ssl.key which I am using in my frontends apps (apache settings etc etc... you know what I mean).
Can I use it in ASP.NET or how do I do it?
Thanks
So as you can see in comments above (under question), there was a tip from Lex Li to listen on http:// and use proxyreverse to redirect https calls onto http.
But to be honest, this solution is little bit shady and I did not want to do it that way, so I continued my searching and found NuGet LettuceEncrypt which is actually solving my problem. I can now listen https calls, I dont need to use some shady solution with proxyreverse and also I dont have to install whole SDK to use dotnet dev-certs commands.
On github page I sent before is sample usage with 2 sample applications, so if you have similar problem, take a look at it and maybe it will wolve the problem for you too.
I am totally new to .NET and I came across one problem that is related to an agent application.
Its an IoT agent application which will be deployed and run Windows and Linux systems.
The application is a Web Service based application and uses HTTPS certificate to enable the secure communication between the clients and agent. When I tried to run the application on one of the system, I got error as
System.InvalidOperationException: Unable to configure HTTPS endpoint. No server certificate was specified, and the default developer certificate could not be found.
After going through most of the posts, I found that we need to download and install the 'dotnet' run time on the system and run below commands
dotnet dev-certs https
dotnet dev-certs https --check
However, for development environment its okay to run these commands. I am looking for a solution where we can run the application without download and installing the dotnet runtime environment.
What are the initial configuration settings those may required to run the application?
It's not the runtime you are missing (you wouldn't be able to execute the application and get the exception). You are missing a valid certificate for your server.
On a development machine you would issue the command
dotnet dev-certs https --trust
to install a trusted self signed certificate. On a production server you have to install a certificate from your certificate server or if it's public accessible from a trusted certificate authority.
Finally, able to run the application on Windows 7 and Windows 10 machine with the PFX certificate.
You need to generate the certificate. You may follow below link to generate the certificate.
https://www.sslsupportdesk.com/export-ssl-certificate-private-key-pfx-using-mmc-windows/
It is required to configure the Kestrel settings in JSON file. Below is the possible JSON configuration to use the certificate
{
"Kestrel": {
"Endpoints": {
"Https": {
"Url": "https://localhost:9448",
"Certificate": {
"Path": "path/to/certificate/file/your-cert.pfx",
"Password": "PwdOfCert",
"AllowInvalid": true
}
}
}
}
}
I'm trying to replicate what Visual Studio does on F5 debugging in my .net core api application.
It seems that "dotnet run --project" is the trick that I'm looking for except for one thing:
When I run with F5, it runs on https and it is trusted.
When I run with dotnet run, it runs on https and it is NOT trusted.
And I seem to be having problems using the application even though it seems to be running.
Any thoughts? I would like to do the same trick that F5 does just in order to test my application, however dotnet run must be missing some sort of certificate or something?
I really don't want to have to change my source code or to do anything with certs, again, because it is working as designed on F5, just need to do the same trick for dotnet run.
Based on the documentation here, it seems like you need to install and trust the development certificate:
.NET Core SDK includes a HTTPS development certificate. The certificate is installed as part of the first-run experience.
While the certificate is installed at this stage, it goes on to say that:
Installing the .NET Core SDK installs the ASP.NET Core HTTPS development certificate to the local user certificate store. The certificate has been installed, but it's not trusted. To trust the certificate perform the one-time step to run the dotnet dev-certs tool.
To trust it, you should use the following command:
dotnet dev-certs https --trust
This should show a dialog prompting you to trust the certificate. Once this is done, you can start your project running again, and restart your browsers. This should allow you to access the site on https://localhost:portnumber
I was flowing this guide Quickstart, so i instaled all the things i was supposed to and created ASP.NET on Google Cloud Platform created project.
Then i created VM:
VM
And when i'm trying to publish i have that:
Publishing GcpProject1 to Compute Engine.
msbuild.exe "C:\Users\peter\source\repos\GcpProject1\GcpProject1\GcpProject1.csproj" /p:Configuration=Release /p:Platform=AnyCPU /t:WebPublish /p:WebPublishMethod=FileSystem /p:DeleteExistingFiles=True /p:publishUrl="C:\Users\peter\AppData\Local\Temp\fflssbvg.hc0"
Failed to publish project GcpProject1.
I turned off firewall and i have same versions of .net framework on server and locally.
Help me please to find the solution.
I just face the same problem, the error message from asp.net is short and hard to figure out.
dotnet publish -o "C:\Users\Puzzle\AppData\Local\Temp\v1opor1f.mdb" -c Release
Failed to deploy project HelloWorld to App Engine Flex.
I check other solutions , and find this works for me : https://cloudplatform.googleblog.com/2017/10/4-ways-you-can-deploy-an-ASP.NET-Core-app-to-GCP.html
just use powershell to send command and that works. hope it helps
I am learning .Net Core.
I have developed WebApplication using ASP.Net MVC and as it can be installed and run on Local IIS.
What's the similar way to Host / Publish .Net Core WebApi in Ubuntu and Linux instead of running on specific port like 5000?
Is docker helpful for that context? If yes then how can I use it?
Is it possible to host / publish without docker? How can i Host / Publish without Docker?
I also read following link and implemented all steps.
Publish to a Linux Production Environment
In above link i am unable to identify what will be the url to access webapi?
As #Pawel has noted, the recommended way to host your .NET Core Web API or ASP.NET Core application is using Kestrel, the webserver which is built into the dotnet core tooling. For development purposes you do not need another webserver to start and test your api.
You do not need Docker to host your web application/API, but should consider it for production hosting because it's a clean, fast way to automate releases and isolate processes.
With Docker the process structure is the same - Docker just hosts and manages the processes. You would have Kestrel running you API in one Docker container, and Nginx (in another container or installed on the base OS) forwarding calls to it.
Hosting your API without Docker
On Ubuntu, use either Nginx (or Apache) to provide your public HTTPS, and configure it to forward requests to your Kestrel server, which typically runs on port 5000. If your server is running a firewall, do not expose port 5000, but open port 443 (HTTPS) on that machine. Setting up Nginx is covered in the article you referenced. As noted, not required just to start and test your Web API.
Kestrel is fast but very simple - eg. it does not support HTTPS (which you should use for a public API, because you will need authentication, and you can't authenticate securely without HTTPS. There are many other reasons to use Nginx/Apache over Kestrel - security, load balancing, reverse proxy capabilies etc.
Simple steps to get just you API running in a development setup
Ensure you are defining the appropriate runtime in you project.json
"runtimes": {
"win7-x64": {},
"win81-x64": {},
"ubuntu.14.04-x64": {},
"debian.8-x64": {}
}
Ensure that your project.json defines "emitEntryPoint": true in the buildOptions section.
Build your project for the platform you will deploy to: dotnet build -r ubuntu.14.04-x64 --build-profile Release
Publish you project for the platform: dotnet publish -r ubuntu.14.04-x64 --configuration Release -o ./bin/Release/Publish
Use the command line as I've shown to build and publish your app for Ubuntu - I have tried in VS 2015 Update 3 and had problems getting it to build for the right runtime
Copy the files in the Publish folder to your Ubuntu VM or server, and add any files you app needs to run, such as appsettings.json.
Ensure that the appropriate .NET Core framework is installed on your Linux machine.
Open a terminal window, sudo -i to get admin rights, cd to the folder where you put your binaries and run your api using : dotnet MyWebApi.dll where MyWebApi.dll is the main output of your build process.
At this point Kestrel should start with the usual message saying what port it is listening on (say, 5000). If it is a headless server, you should be able to call you Web API using curl:
curl http://localhost:5000/whatever/your/api/needs/here
If the Ubuntu box has a GUI (Gnome etc) you should be able to connect to your api with a browser.
If your Ubuntu server is not running a firewall, you should be able to connect to the Web API with a browser from another machine on the same network:
http://<linux-ip-address>:5000/whatever/your/api/needs/here
You can get the IP address of your Ubuntu server by typing ip addr show in a terminal window.
Notes
Managing your firewall is dependent on your Linux distro. If the server is public, you really must run one and use it to shut down access to you Kestrel service.
Setting up Docker is more complicated, too much to add here. Ask a separate question and I will document what I have done.
Note that when you run under IIS on Windows, exactly the same thing is happening: IIS forwards the requests to Kestrel on port 5000 or whatever you specify. Typically IIS is configured (via the web.config file generated by your publish) to start Kestrel when it is needed and keep it running. You could start your app manually on Windows with dotnet MyWebApi.dll and configure IIS to forward to it.
Running as I've described is fine when learning, but for production you would need to define you API to start as a Linux daemon and have Linux restart it if it crashes (Docker can also do this for you). IIS generally takes care of this for you.
Asp.NET Core application use a cross platform application web server called Kestrel. You can run your application with Kestrel directly (e.g. using dotnet run - very useful during devlepment) however it's not recommended expose Kestrel directly to the outside world, so in a production environment you would put IIS in front of your application when running on Windows or nginx when running on Linux. You can find a sample nginx config here: https://github.com/aspnet/ServerTests/blob/dev/test/ServerComparison.FunctionalTests/nginx.conf
You can specify url/port like this (in your "Program.cs" file):
public static void Main(string[] args) {
var host = new WebHostBuilder()
.UseKestrel()
.UseUrls("http://192.168.0.0:8080")
.UseContentRoot(Directory.GetCurrentDirectory())
.UseStartup<Startup>()
.Build();
host.Run();
}
Replace "192.168.0.0" with the actual ip or url in the UseUrls() method.
In your project directory just open a terminal/console window and run "dotnet run".
Make sure it says "Now listening on: 192.168.0.0:8080" (or the url/ip you put in).
The above example assumes you are using Startup for your startup class