Host ASP.NET CORE on IIS with SSL

Question

I have an application hosted on IIS with an SSL certificate. with standard ASP I could configure rewrite in web.config for automatically redirecting to the SSL version.

But how can I do it in core? I want that when someone opens a link over HTTP they will be automatically redirected to HTTPS.

Many thank in advance!

Answer 1

You still may (and should) use web.config

As soon as IIS deals with SSL - your app (Kestrel) receives "clean" HTTP, so it's too late to check for SSL connection in your code. You need to configure IIS to redirect from http to https .

I use this web.config (works in Azure):

<?xml version="1.0" encoding="utf-8"?>
<configuration>
  <system.webServer>
    <handlers>
      <add name="aspNetCore" path="*" verb="*" modules="AspNetCoreModule" resourceType="Unspecified"/>
    </handlers>
    <aspNetCore processPath="%LAUNCHER_PATH%" arguments="%LAUNCHER_ARGS%" stdoutLogEnabled="false" stdoutLogFile=".\logs\stdout" forwardWindowsAuthToken="false"/>
    <rewrite>
      <rules>
        <clear />
        <rule name="Redirect to https" stopProcessing="true">
          <match url="(.*)" />
          <conditions>
            <add input="{HTTPS}" pattern="off" ignoreCase="true" />
          </conditions>
          <action type="Redirect" url="https://{HTTP_HOST}{REQUEST_URI}" redirectType="Permanent" appendQueryString="false" />
        </rule>
      </rules>
    </rewrite>
  </system.webServer>
</configuration>

Answer 2

In Asp.Net 2.1 and above, in your startup.cs simply add the following in the app Configure method:

public void Configure(IApplicationBuilder app, IHostingEnvironment env)
{
    // other app configure code here

    app.UseHttpsRedirection();

}