public static void Configure(IWebHostBuilder webBuilder, IConfiguration configuration) { var httpProtocol = configuration["devonfw:Kestrel:HttpProtocol"]; var sslProtocol = configuration["devonfw:Kestrel:SslProtocol"]; _ = int.TryParse(configuration["devonfw:Kestrel:ApplicationPort"], out int applicationPort); _ = bool.TryParse(configuration["devonfw:Kestrel:UseHttps"], out bool useHttps); webBuilder.UseKestrel(options => { options.AddServerHeader = false; options.Listen(IPAddress.Any, applicationPort, listenOptions => { listenOptions.Protocols = ProtocolOperations.GetHttProtocol(httpProtocol); SetupCommonProperties(configuration, options); if (!useHttps) { return; } var httpsOptions = new HttpsConnectionAdapterOptions(); SetupHttpsProperties(configuration, sslProtocol, httpsOptions); listenOptions.UseHttps(httpsOptions); }); }); }
private static void SetupHttpsProperties(IConfiguration configuration, string sslProtocol, HttpsConnectionAdapterOptions httpsOptions) { var kestrelCertificate = configuration["Certificates:ServerCertificate:Certificate"]; _ = bool.TryParse(configuration["Certificates:ClientCertificate:RequireClientCertificate"], out bool requireClientCertificate); _ = bool.TryParse(configuration["Certificates:ClientCertificate:CheckCertificateRevocation"], out bool checkCertificateRevocation); httpsOptions.SslProtocols = ProtocolOperations.GetTlsProtocol(sslProtocol); httpsOptions.ClientCertificateMode = requireClientCertificate ? ClientCertificateMode.RequireCertificate : ClientCertificateMode.NoCertificate; httpsOptions.CheckCertificateRevocation = checkCertificateRevocation; if (!string.IsNullOrEmpty(kestrelCertificate)) { var kestrelCertificatePassword = configuration["Certificates:ServerCertificate:CertificatePassword"]; httpsOptions.ServerCertificate = LoadServerCertificate(kestrelCertificate, kestrelCertificatePassword); } }