I have dotnet core 2.0.3 application which is hosted on Kestrel.
Service running fine over http, but I was setup SSL certificate and, can't access to page (503 error):
https://example.com/services/Service.asmx (before, over http was fine)
https://example.com/test.xml (it's ok – I can access from webbrowser)
I have apache setup:
<IfModule mod_ssl.c>
<VirtualHost _default_:443>
ServerAdmin webmaster@localhost
DocumentRoot /var/www/html
...
SSLEngine on
SSLProxyEngine On
ProxyRequests off
Loglevel debug
...
SSLCertificateFile /etc/ssl/sslkey/example.com.crt
SSLCertificateKeyFile /etc/ssl/sslkey/example.com.key
...
BrowserMatch "MSIE [2-6]" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
<Location "/services/Service.asmx">
Allow from all
Order allow,deny
ProxyPass http://127.0.0.1:5000/Service.asmx
ProxyPassReverse http://127.0.0.1:5000/Service.asmx
SetOutputFilter DEFLATE
SetEnvIfNoCase Request_URI "\.(?:gif|jpe?g|png)$" no-gzip dont-vary
AddOutputFilterByType DEFLATE text/html text/plain text/xml text/javascript
</Location>
</VirtualHost>
I can access to content of webservice from:
curl http://127.0.0.1:5000/Service.asmx
Best Answer
It seems that I have found the answer. Everything is in the file default-ssl.conf Having achieved the .net core 2 application working for HTTP protocol I followed the steps given here to install a self-signed certificate. In short the steps are: 1) Create the SSL Certificate
Fill everything as you want but set Common Name (e.g. server FQDN or YOUR name) as your AWS public domain name.
Create a strong Diffie-Hellman group:
2) Configure Apache to Use SSL
Put in the file the next settings:
Backup existing apache2 SSL setings:
Open existing file and make the changes:
The lines:
do redirection all external requests to apache2 (external server) to the port 443 (SSL port) to your internal kestrel server, which runs asp.net core application.
This works for me.