I'm creating an ASP.NET Web API endpoint inside a console app which I need to host as a Windows Service.
Now everything is working except the endpoint is in http. I want to use https.
When I run it via Visual Studio.
I believe the Kestrel is behind an IIS as a reverse proxy and SSL certificates are validated. But when I host it as a Windows service. I'm getting certificate errors when trying to reach the endpoint
This is my Kestrel WebHost builder
var configigurations = new ConfigurationBuilder()
.AddJsonFile("appsettings.json", optional: false)
.Build();
var host = new WebHostBuilder()
.UseKestrel(options =>
{
options.ListenAnyIP(443, listenOptions =>
{
listenOptions.UseHttps("sslcertificate.pfx", "ssl@123");
});
})
.UseUrls(config.ApiBaseUrl)
.UseConfiguration(configigurations)
.UseStartup<Startup>()
.Build();
host.Run();
Since it runs as a Windows service and exposes the API, I cannot rely on IIS. I need to configure for Kestrel.
But how can I
Generate an SSL for localhost (I'm using Windows)
If I have already an SSL certificate in production (*.cert). How can I make a *.pfx (cert + RSA private key) from it on production server (also Windows)
This will create a certificate
dotnet dev-certs https -ep $env:USERPROFILE\.aspnet\https\aspnetapp.pfx -p crypticpassword
This will create a trust
dotnet dev-certs https --trust