Skip to content
/ KestrelHttps Public

Enforce HTTPS for an ASP.NET Web API hosted in Kestrel

License

MIT license
6 stars 5 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

dotnet-labs/KestrelHttps

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits

.github

.github

 
 

MyWebApi

MyWebApi

 
 

https

https

 
 

.dockerignore

.dockerignore

 
 

.gitignore

.gitignore

 
 

Dockerfile

Dockerfile

 
 

LICENSE.md

LICENSE.md

 
 

MyWebApi.sln

MyWebApi.sln

 
 

README.md

README.md

 
 

docker-compose.yml

docker-compose.yml

 
 

https-redirect.gif

https-redirect.gif

 
 

ssl-certificate-localhost.gif

ssl-certificate-localhost.gif

 
 

Repository files navigation

Enforce HTTPS for an ASP.NET Web API hosted in Kestrel

Buy Me a Coffee at ko-fi.com

Kestrel used as an edge (Internet-facing) web server.

Medium Article: Hosting an ASP.NET Core App on Docker with HTTPS

Configure Kestrel

Documentation in Microsoft Docs

Kestrel used as an edge server without a reverse proxy server doesn't support sharing the same IP and port among multiple processes. When Kestrel is configured to listen on a port, Kestrel handles all of the traffic for that port regardless of requests' Host headers.

Kestrel options

  • Maximum request body size The default maximum request body size is 30,000,000 bytes, which is approximately 28.6 MB.

    The recommended approach to override the limit in an ASP.NET Core MVC app is to use the RequestSizeLimitAttribute attribute on an action method:

    [RequestSizeLimit(100 * 1024 * 1024)]
public IActionResult MyActionMethod()

  • Minimum request body data rate

    Kestrel checks every second if data is arriving at the specified rate in bytes/second. If the rate drops below the minimum, the connection is timed out. The grace period is the amount of time that Kestrel gives the client to increase its send rate up to the minimum; the rate isn't checked during that time. The grace period helps avoid dropping connections that are initially sending data at a slow rate due to TCP slow-start.

    The default minimum rate is 240 bytes/second with a 5 second grace period.

    A minimum rate also applies to the response. The code to set the request limit and the response limit is the same except for having RequestBody or Response in the property and interface names.

  • Request headers timeout

    Gets or sets the maximum amount of time the server spends receiving request headers. Defaults to 30 seconds.

Build an ASP.NET Core Web App on Docker

# in this directory
docker compose up --build

Then visit https://localhost:44392/

# in this directory
docker build . -t aspnetapp
docker run -it -p 5000:5000 aspnetapp
docker run --rm -it \
    -p 5000:5000 -p 5001:5001 \
    -e ASPNETCORE_URLS="https://+;http://+" \
    -e ASPNETCORE_HTTPS_PORT=5001 \
    -e ASPNETCORE_Kestrel__Certificates__Default__Password="mypassword123" \
    -e ASPNETCORE_Kestrel__Certificates__Default__Path=//https/aspnetapp.pfx \
    -v /$PWD/https/aspnetapp.pfx://https/aspnetapp.pfx \
    aspnetapp
  • Check Certificate

ssl certificate localhost

  • HTTPS Redirect

HTTPS redirect

License

Feel free to use the code in this repository as it is under MIT license.

Buy Me a Coffee at ko-fi.com

About

Enforce HTTPS for an ASP.NET Web API hosted in Kestrel

Topics

docker ssl dotnet docker-compose https dotnetcore ssl-certificate kestrel

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

6 stars

Watchers

2 watching

Forks

5 forks
Report repository

Releases

No releases published

Sponsor this project

Packages

No packages published

Languages