Menu
When using Kestrel with IIS you define an Application Pool and identity (user). The default identity is "ApplicationPoolIdentity" but can be one of the following or a custom user:
When the application runs, Kestrel runs under the Identity you defined in IIS:
However, when using Kestrel behind a proxy server such as nginx (or standalone) what is the recommended "identity" (user) to use and how does one go about using it with Kestrel?
404
When you host Kestrel behind a proxy on Windows it is recommended to host the ASP.NET Core app in a Windows Service. Nginx would be configured to reverse proxy the applications url (e.g. http://localhost:5000) and the ASP.NET application would run under whatever user the service is configured to run as.
If you are hosting on Linux then you are responsible for creating your own service using whatever technology the underlying operating system provides (e.g. systemd, upstart, etc.)
The 'recommended' identity to use depends on what resources the ASP.NET app needs to access. The LocalService account has the same privileges as a member of the Users group.
138
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
