我正在try 使用证书存储中的证书为kestrel配置HTTPS.以下是我到目前为止所取得的成就:
appsettings.json个
{
"SSLCertificate": {
"Serial": "serialNumberFromCertificateStore"
},
"AllowedHosts": "*",
"Kestrel": {
"Endpoints": {
"Http": {
"Url": "https://*:8090",
"Protocols": "Http1"
},
"gRPC": {
"Url": "https://*:8091",
"Protocols": "Http2"
}
}
}
}
Program.cs个
var builder = WebApplication.CreateBuilder(new WebApplicationOptions
{
Args = args,
ContentRootPath = WindowsServiceHelpers.IsWindowsService() ? AppContext.BaseDirectory : default
});
builder.WebHost.ConfigureKestrel((context, serverOptions) =>
{
var kestrelSection = context.Configuration.GetSection("Kestrel");
var certSerial = context.Configuration.GetSection("SSLCertificate").GetValue<string>("Serial");
if (!string.IsNullOrEmpty(certSerial))
{
// Retrieve the certificate from the Windows certificate store
using var store = new X509Store(StoreName.My, StoreLocation.CurrentUser);
store.Open(OpenFlags.ReadOnly);
var certificate = store.Certificates.Where(f => f.SerialNumber.ToUpper().Equals(certSerial.ToUpper())).FirstOrDefault();
if (certificate != null)
{
serverOptions.Configure(kestrelSection);
// Configure HTTPS endpoint with the retrieved certificate
serverOptions.ListenAnyIP(8090, listenOptions =>
{
listenOptions.UseHttps(certificate);
});
}
}
});
我从appsettings.json中读取证书序列号,并在检索证书后将其应用于HTTPS方法中.问题是它try 开始监听端口8090两次.如果我改变了端口,它会监听该端口并识别证书,但不会做出任何响应.
我在这里应该做什么?