Skip to content

Kestrel config behaves differently when set using env vars vs. in-code #45801

@qui8t

Description

@qui8t

I have a Web API application that I want to configure it to listen on an HTTPS port. The app is containerized and orchestrated using Docker compose.

I can configure it by setting the following env variable in docker-compose, which works as expected.

services:
  webapi:
    environment:
      - ASPNETCORE_URLS=https://+:443

However, when I use the following approach as an alternative to setting the environment variable, it fails with the following error message.

builder.WebHost.ConfigureKestrel(options =>
{
    options.Listen(
    address: IPAddress.Any,
        port: 443,
        configure: listenOptions =>
        {
            listenOptions.Protocols = HttpProtocols.Http1AndHttp2;
            listenOptions.UseHttps();
        });
});

Unable to configure HTTPS endpoint. No server certificate was specified, and the default developer certificate could not be found or is out of date.

When I provide the filename and password to the SSL certificate file as the following, it works as expected.

builder.WebHost.ConfigureKestrel(options =>
{
    options.Listen(
    address: IPAddress.Any,
        port: 443,
        configure: listenOptions =>
        {
            listenOptions.Protocols = HttpProtocols.Http1AndHttp2;
            listenOptions.UseHttps("/root/.aspnet/https/cert.pfx", "Password");
        });
});

I assume setting the environment variable ASPNETCORE_URLS or calling ConfigureKestrel are equivalent, though, I am not sure what I am missing in the second approach.

Update

I was previously getting the following error, which was related to mapping the port 443 to an incorrect port of the container.

Detected a TLS handshake to an endpoint that does not have TLS enabled.

Metadata

Metadata

Assignees

Labels

area-networkingIncludes servers, yarp, json patch, bedrock, websockets, http client factory, and http abstractions

Type

No type

Projects

No projects

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions