Reputation: 16150
Incorrect scheme in .NET core app when request goes through reverse-proxy
I have apache working as reverse-proxy. Behind apache there is .NET core application. Both use HTTPS. The problem is, that when I access this .NET app through proxy, .NET reports that request was made without SSL using http.
Apache proxy config:
SSLProxyEngine on
<Location "/">
ProxyPass "https://domain:8444/"
ProxyPassReverse "https://domain:8444/"
</Location>
Apache is accessible via https://domain/.
When I access app through https://domain:8444/ address, then httpContext.Request.IsHttps==true and httpContext.Request.Scheme=="https", but when I access app through https://domain/ then httpContext.Request.IsHttps==false and httpContext.Request.Scheme=="http".
When I try the same configuration with PHP, everything works OK. Is there anything I can do?
Upvotes: 5
Views: 2578
Answers (1)
Reputation: 64278
First you have to make sure your apache is setting the X-Forwarded-For and X-Forwarded-Proto headers.
Second you need to make your ASP.NET Core application aware of it. From the docs:
app.UseForwardedHeaders(new ForwardedHeadersOptions
{
ForwardedHeaders = ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto
});
This already happens in the UseIISIntegration() (see source), but you may have removed that (or it not being set in the template you used).
Upvotes: 6
Related Questions
- ASP.Net Core Reverse Proxy with different root
- `X-Forwarded-For` is not used by ASP.Net Core behind reverse proxy
- .Net core POST API in NGINX reverse proxy throws error 404
- .NET Core reverse proxy middleware and signalR
- Iis reverse Proxy 404
- Use app.usehsts() in the case of a proxy server apache
- Linux ASP.Net core with Apache and reverse proxy
- ASP.NET Core Apache Reverse Proxy for Kestrel
- Reverse proxy and in-process HTTP server in Asp.Net Core
- Specify proxy in asp.net core rc2