<access sslFlags="Ssl.SslRequireCer"> in .net core

Question

I am converting my app from .net framework to .net core 2.1. Now I am facing two issues

1) In .net framework we could use HttpClientCertificate cert = Request.ClientCertificate; So how can we use Request.ClientCertificate in .net core.

2) In .net framework we could set location config like

 <location path="MyPath">
    <system.webServer>
      <security>
        <access sslFlags="Ssl.SslRequireCert,SslNegotiateCert,Ssl128" />
      </security>
    </system.webServer>
  </location>

I want to use <access sslFlags="Ssl.SslRequireCert,SslNegotiateCert,Ssl128" /> in net core. How can I do these 2 things. Any help?

Answer 1

To access client certificate you can either:

• use HttpContext.Connection.ClientCertificate property
• get certificate using header: Request.Headers["X-ARR-ClientCert"]

To use sslFlags you have to add it in the web.config file (exactly like for the standard .NET Framework). webconfig file is auto-generated once you publish your app. Once you open it you can add

access sslFlags to it:

<?xml version="1.0" encoding="utf-8"?>
<configuration>
  <location path="." inheritInChildApplications="false">
    <system.webServer>
      <handlers>
        <add name="aspNetCore" path="*" verb="*" modules="AspNetCoreModule" resourceType="Unspecified" />
      </handlers>
      <aspNetCore processPath="dotnet" arguments=".\IdentityServer4Demo.dll" stdoutLogEnabled="false" stdoutLogFile="\\?\%home%\LogFiles\stdout" />
    </system.webServer>
  </location>
  <location path="account">
    <system.webServer>
      <security>
        <access sslFlags="Ssl,SslNegotiateCert,SslRequireCert" />
      </security>
    </system.webServer>
  </location>
    <system.webServer>
        <security>
            <access sslFlags="SslNegotiateCert" />
        </security>
    </system.webServer>
</configuration>