Reputation: 2469
Do I require HttpsRedirection?
"Kestrel": {
"Endpoints": {
"Https": {
"Url": "https://*:443",
"Protocols": "Http1"
},
"gRPC": {
"Url": "https://*:8443",
"Protocols": "Http2"
}
}
I am using the above kestrel configuration to run my ASP.NET Core Web API app. I have the required Self signed development certificate for development purposes and the CA certificate configuration for Server deployments.
My application is not public facing and I can configure the clients to the APIs over SSL. So, As seen above, I am not exposing an HTTP endpoint.
Do I require UseHttpsRedirection or ASPNETCORE_HTTPS_PORT configuration as I am not exposing a non-secure Http port?
Upvotes: 1
Views: 54
Answers (1)
Reputation: 93173
There's no need for UseHttpsRedirection in this scenario, where Kestrel listens only on https. The first step in the HttpsRedirectionMiddleware is to check whether the established connection is already on https: if it is, the middleware does nothing (it's a no-op):
if (context.Request.IsHttps) { return _next(context); }
Upvotes: 1
Related Questions
- How to configure IIS to define Client Certificate required on a specific endpoint when routing make endpoint path different from physical path
- Adding a CA certificate for client certificates
- Create X509 Certificate for Device from a CA certificate using C#
- Self-signed certificate for device with local IP
- Using same X509 certificate for multiple devices in Azure device provisioning service
- iOS Client Certificates and Mobile Device Management
- Using client certificate not in certificate store
- Using Client certificates for Windows RT (windows 8.1/windows phone 8.1)
- Is it possible to use a client certificate installed on an iOS device within my app?
- How can I request a client certificate only from a particular CA