SSL encryption on self hosted OWIN WebAPI
I'm creating a self hosted OWIN-based WebAPI with Static Content. Without ssl everything works as it should, but i don't really know how to implement ssl.
I read the guides here and here, but the question is: do I need to secure the port, that is used by the webapi (in my case: 9000) or the standard 443 port?
The Static Content should be a simple url like www.mysupergreatsite.com (without port). When calling the url, the browser should be redirected to the static files... to the port 9000 i guess?!
Is it a good way to make a litte redirection site somewhere else (e.g. iis)?
You want to run SSL into the port that faces the outside world. It doesnt really matter which port that is, but by convention 443 is the default for SSL, and therefore doesnt need an explicit port. If you dont want your users to have to enter a port explicitly, then you either need to
- Run your application on port 443 or
- Change the default SSL port
Changing the default port can be done IIS when you create your site binding:
- HTTP to HTTPS Nginx too many redirects
- curl error 60 while downloading https://repo.packagist.org Certificate issue on Ubuntu?
- nginx the "ssl" directive is deprecated, use the "listen ... ssl"
- How to install OpenSSL in windows 10?
- How to enable TLS for Redis 6 on Sidekiq?
- SSL: error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch
- Can't send client certificate via SslStream
- How to secure multiple wildcard domain names in single SSL certificate?
- cURL error 60: SSL certificate problem: certificate has expired
- Importing SSL Certificate into Eclipse
- WARN: Establishing SSL connection without server's identity verification is not recommended
- How to connect an ESP32 to MQTT server with public IP and SSL?
- SSL Localhost Privacy error
- Load CA root certificate at runtime in Java
- CertPathValidatorException : Trust anchor for certificate path not found - Retrofit Android
- CURL showing "No required SSL certificate was sent" eve
- How to know which TLS version is being used by gRPC?
- Securing grafana ingress with tls in kube-prometheus-stack values.yaml and make grafana available via https
- MariaDB update causes client connection problem : mariadb.OperationalError: TLS/SSL error: SSL is required, but the server does not support it
- HTTPS connections to cloudfront / S3 using godaddy domain
- SSL Self-Signed Certificates Issue in Gitlab
- Composer Curl error 60: SSL certificate problem: unable to get local issuer certificate
- Nginx keeps showing "welcome to nginx" for https but it's working fine with http
- PostgreSQL `aws_s3` Extension: SSL Certificate Verification Failed with Self-Signed Certificate
- SSLmode in FireDac for connection to Postgres
- SSL/TLS error on exposing Fuction App in API Management
- Mutual TLS connection from OpenLiberty with custom keystore
- How to solve SSL certificate: self signed certificate when cloning repo from github?
- How to disable HTTPS or change to HTTP in dev and prod version on symfony?
- TCP proxy with reading payload