If I would like to use https in an ASP.NET Core application running IIS as a reverse proxy, do I need to configure the SSL cert in IIS or ASP.NET Core or both?
My plan was to install the cert on IIS. Is this enough?
Install cert on IIS is enough, as current implementation of IIS (ASP.NET Core Module) forwards client certificates to application anyway.
Yes, that should be correct - IIS handles SSL, so the back plane to ASP.NET Core can be unsecured.
This post gives a good explanation of how to set it up. It applies to RC2 but should be essentially unchanged for RTM.
https://weblog.west-wind.com/posts/2016/Jun/06/Publishing-and-Running-ASPNET-Core-Applications-with-IIS
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With