ASP.NET Core hosting in Apache using SSL and Cookie Authentication redirect

I've made an ASP.NET Core application and I'm trying to host it in Apache with a reverse proxy. The app uses cookie authentication:

app.UseCookieAuthentication(new CookieAuthenticationOptions()
{
  AuthenticationScheme = "CookieAuthentication",
  LoginPath = new PathString("/Account/Login/"),
  AccessDeniedPath = new PathString("/Account/Forbidden/"),
  AutomaticAuthenticate = true,
  AutomaticChallenge = true
});

In httpd.conf I would like to use one SSL-only host with a custom port which serves content from Kestrel.

Listen 34567

<VirtualHost *:34567>
  ProxyPreserveHost On
  ProxyPass / http://127.0.0.1:5000/
  ProxyPassReverse / http://127.0.0.1:5000/
  SSLEngine on
  SSLProtocol all -SSLv3
  SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:!RC4+RSA:+HIGH:+MEDIUM:!LOW:!RC4
  SSLCertificateFile certs/server.crt
  SSLCertificateKeyFile certs/server.key
</VirtualHost>

When I use the URL https://testserver1:34567 it redirects to http://testserver1:34567/Account/Login/?ReturnUrl=%2F which of course gives a Bad Request. If I correct the URL by changing it to https, everything works fine afterwards.

How can I make it so that it always redirects to an HTTPS URL?

cozalp asked Oct 16 '25 13:10


1 Answer

The way I solved mine was to redirect all HTTP requests, routes included, to HTTPS requests.

Here's my whole Apache config file.

<VirtualHost *:80>
    RewriteEngine On
    RewriteCond %{HTTPS} !=on
    RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]
</VirtualHost>

<VirtualHost *:443>
    RequestHeader set X-Forwarded-Proto "https"
    ServerName mydomain.com

    ProxyPass / http://127.0.0.1:5000/
    ProxyPassReverse / http://127.0.0.1:5000/
    ErrorLog /var/log/httpd/netcore-error.log
    CustomLog /var/log/httpd/netcore-access.log common
    SSLEngine on
    SSLProtocol all -SSLv2
    SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:!RC4+RSA:+HIGH:+MEDIUM:!LOW:!RC4
    SSLCertificateFile /etc/letsencrypt/live/mydomain.com/cert.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/mydomain.com/privkey.pem
    SSLCertificateChainFile /etc/letsencrypt/live/mydomain.com/chain.pem
</VirtualHost>

The key there is the VirtualHost *:80 part as it is the one redirecting the requests. The other one is just a matter of consuming them.

Lawrence answered Oct 19 '25 03:10
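
The answer's TLS vhost sets X-Forwarded-Proto, but the cookie middleware builds the login redirect from the scheme Kestrel sees, which is http behind the proxy. The following is an added example (not code from the question or the answer) of consuming that header in an ASP.NET Core 1.x Startup. It assumes the Microsoft.AspNetCore.HttpOverrides package is referenced and that Kestrel listens only on 127.0.0.1, so only Apache can supply the header; the /debug/scheme path is hypothetical.

```csharp
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.HttpOverrides;

public class Startup
{
    // ConfigureServices (AddAuthentication, AddMvc, ...) stays as in the existing app.

    public void Configure(IApplicationBuilder app)
    {
        // Must come before any middleware that builds absolute URLs.
        // It rewrites Request.Scheme from X-Forwarded-Proto, which the
        // Apache vhost has to send: RequestHeader set X-Forwarded-Proto "https"
        // (mod_headers). ProxyPreserveHost On keeps the original host and port.
        app.UseForwardedHeaders(new ForwardedHeadersOptions
        {
            ForwardedHeaders = ForwardedHeaders.XForwardedFor
                             | ForwardedHeaders.XForwardedProto
        });

        // Same options as in the question. The challenge redirect to
        // LoginPath is now generated with the forwarded (https) scheme.
        app.UseCookieAuthentication(new CookieAuthenticationOptions
        {
            AuthenticationScheme = "CookieAuthentication",
            LoginPath = new PathString("/Account/Login/"),
            AccessDeniedPath = new PathString("/Account/Forbidden/"),
            AutomaticAuthenticate = true,
            AutomaticChallenge = true
        });

        // Hypothetical check endpoint: shows what the app believes the request
        // scheme and host are. Expect "scheme=https" when called through Apache.
        // Remove it once the redirect is verified.
        app.Map("/debug/scheme", branch => branch.Run(context =>
            context.Response.WriteAsync(
                "scheme=" + context.Request.Scheme +
                " host=" + context.Request.Host)));

        // app.UseMvc(...) and the rest of the pipeline follow here.
    }
}
```

If Kestrel is reachable from anywhere other than the proxy, a client can send its own X-Forwarded-Proto and the app will trust it, so keep the backend bound to loopback.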