[英]ASP.Net Core application service only listening to Port 5000 on Ubuntu
I am trying to host an ASP.Net Core MVC application (https redirection is enabled) on Ubuntu server, using Nginx as a reverse proxy. 我试图在Ubuntu服务器上托管ASP.Net Core MVC应用程序(启用https重定向),使用Nginx作为反向代理。 I have created and installed a local SSL certificate using OpenSSL.
我使用OpenSSL创建并安装了本地SSL证书。 When i run my application using dotnet CLI it listens on both http://localhost:5000 & https://localhost:5001 , and i am able to access it on web using https (http requests are being redirect to https by Nginx).
当我使用dotnet CLI运行我的应用程序时,它会同时侦听http:// localhost:5000和https:// localhost:5001 ,并且我可以使用https在Web上访问它(http请求被Nginx重定向到https) 。
The problem is when i try to run the as a service, it only listens on http://localhost:5000 . 问题是当我尝试运行作为服务时,它只侦听http:// localhost:5000 。
Here's the *.service file : 这是* .service文件:
[Unit]
Description=Test ASP.Net core web application service.
[Service]
WorkingDirectory=/home/ubuntu/MyAppFolder
ExecStart=/usr/bin/dotnet/home/ubuntu/MyAppFolder/MyApplication.dll
Restart=always
# Restart service after 10 seconds if the dotnet service crashes:
RestartSec=10
SyslogIdentifier=MyApplication
User=www-data
Environment=ASPNETCORE_ENVIRONMENT=Development
Environment=DOTNET_PRINT_TELEMETRY_MESSAGE=false
Environment=ASPNETCORE_HTTPS_PORT=5001
Environment=ASPNETCORE_URLS=http://localhost:5000;https://localhost:5001
[Install]
WantedBy=multi-user.target
Environment details : ASP.Net Core 2.1.1, ASP.Net Core SDK 2.1.3, Nginx 1.14, Ubuntu 16.04 环境细节 :ASP.Net Core 2.1.1,ASP.Net Core SDK 2.1.3,Nginx 1.14,Ubuntu 16.04
Finally i figured out the issue. 最后我想出了这个问题。 The issue is that a developer ssl certificate is installed with dotnet SDK with the name localhost.
问题是开发人员ssl证书与dotnet SDK一起安装,名称为localhost。 In case of Ubuntu the certificate is located at /home/{user name} /.dotnet/corefx/cryptography/x509stores/my
如果是Ubuntu,证书位于/ home / {user name} /.dotnet/corefx/cryptography/x509stores/my
Kestrel just searches in the home directory of executing user, which does not exists for 'www-data', hence it couldn't locate the development certificate. Kestrel只搜索执行用户的主目录,这对于'www-data'是不存在的,因此无法找到开发证书。 Due to which it doesn't bind to default https port.
由于它没有绑定到默认的https端口。
To get it working, i first converted my existing certificate in PEM ( .crt) format to PKCS12 ( .pkf) using OpenSSL. 为了使其正常工作,我首先使用OpenSSL 将 PEM( .crt)格式的现有证书转换为PKCS12( .pkf)。 Below is the command.
以下是命令。
sudo openssl pkcs12 -export -out certificate.pfx -inkey privateKey.key -in certificate.crt -certfile more.crt
Then i needed to specify this certificate to Kestrel server, using appsettings.json file. 然后我需要使用appsettings.json文件将此证书指定给Kestrel服务器。 Below is how the file looks now :
下面是该文件现在的样子:
{
"ConnectionStrings": {
"PostgresConnection": "Host=localhost; Database=postgres; Username=postgres; Password=xyz123"
},
"Logging": {
"IncludeScopes": false,
"LogLevel": {
"Default": "Warning"
}
},
"Kestrel": {
"Endpoints": {
"HTTPS": {
"Url": "https://localhost:5001",
"Certificate": {
"Path": "/etc/ssl/certs/<certificate.pfx>",
"Password": "xyz123"
}
}
}
}
}
Then you need to add www-data user to ssl-certs group. 然后,您需要将www-data用户添加到ssl-certs组。 below is command line :
下面是命令行:
sudo usermod -aG ssl-cert www-data
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.