SSL Integration with ASP Core and DNS Configuration

visual-studio-asp-net

Hello fellow programmers, at this post I will be writing about some solutions about errors might occur during the SSL installation for ASP Core.

If you started your SPA and ASP Core as a two different application then you are likely to get these kinds of errors and see some obstacles. I have never initiated my full-stack phase with built-in Visual Studio SPA(Single Page Application) boilerplate.

The Most Basic Error: The Mixed Content is Blocked

If you get this error when your Angular application sending requests to the backend then you are most probably sending a request within HTTP borders in an SSL activated site.

Then you should turn your Angular endpoints starting with HTTP to the HTTPS.

Configuring ASP Core to Handle SSL Connections

The SSL handling of the incoming requests is no easy task in a newly generated technology like ASP Core so I decided to remove the obstacles on the way.

In the middleware use HSTS and use HTTPS redirections. The redirection redirects the incoming requests to the HTTPS endpoint.

app.UseHsts();
app.UseHttpsRedirection();

Then you should add the code below in order to ASP Core identifies your SSL certificate. This code is an excerpt from program.cs.

public static IWebHostBuilder CreateWebHostBuilder(string[] args) =>
WebHost.CreateDefaultBuilder(args)
.UseStartup<Startup>()
.UseIISIntegration()
.UseKestrel(options =>
{
options.Listen(IPAddress.Loopback, 44302, listenOptions =>
{
listenOptions.UseHttps("C:\\cer\\cert.pfx", "@thePFXpassword");
});
})
.UseContentRoot(Directory.GetCurrentDirectory());

Okay, now you have a half-working ASP Core if your PFX content’s password is correct.

Then the possible error you will stumble upon is the CORS rejection error. Since your Angular and ASP Core are in the different directories and ports, the Chrome browser thinks you are sending a request to a different resource. The app.UserCors and the services are in different methods, so be advised. Bear in mind that ASP Core HTTP ports start from 44300.

app.UseCors("CorsPolicy");

services.AddCors(options =>
{
options.AddPolicy("CorsPolicy",
builder => builder
.SetIsOriginAllowed((host) => true)
.AllowAnyMethod()
.AllowAnyHeader()
.AllowCredentials());
});

Possible Errors: An assembly specified in the application dependencies manifest was not found

You need to produce the published content by setting this method to false or as in the image seen below, you might get this error.

The error message is as follows:

Error:
An assembly specified in the application dependencies manifest (AnilBektas.WebUi.deps.json) was not found:
package: ‘Microsoft.AspNetCore.Mvc.Abstractions’, version: ‘2.0.2’
path: ‘lib/netstandard2.0/Microsoft.AspNetCore.Mvc.Abstractions.dll’
This assembly was expected to be in the local runtime store as the application was published using the following target manifest files:
aspnetcore-store-2.0.5.xml

The solution is running in your console the command below.

dotnet publish -o c:\anilbektas\theprojects/ property:PublishWithAspNetCoreTargetManifest=false

The Configuration of IIS To Allow CORS

To allow the requests coming from the clients, you need to configure the IIS configuration on your behalf properly for the CORS runs well. First, add the command at the sections depicted picture below… These configurations are request-filtering and the handler mapping.

IIS-configurations-for-CORS

At the handler-mapping add <add name=”aspNetCore” path=”*” verb=”*” modules=”AspNetCoreModule” resourceType=”Unspecified” /> and remove the other configurations except the static-file.

<?xml version="1.0" encoding="utf-8"?>
<configuration>
<system.webServer>
<httpProtocol>
</httpProtocol>
<security>
<requestFiltering>
<verbs>
<add verb="OPTIONS" allowed="true" />
<add verb="GET" allowed="true" />
<add verb="POST" allowed="true" />
<add verb="PUT" allowed="true" />
</verbs>
</requestFiltering>
</security>
</system.webServer>
<location path="." inheritInChildApplications="false">
<system.webServer>
<handlers>
<remove name="WebDAV" />
<remove name="ExtensionlessUrlHandler-Integrated-4.0" />
<remove name="OPTIONSVerbHandler" />
<remove name="TRACEVerbHandler" />
<add name="aspNetCore" path="*" verb="*" modules="AspNetCoreModule" resourceType="Unspecified" />
</handlers>
<aspNetCore processPath=".\AnilBektas.exe" stdoutLogEnabled="false" stdoutLogFile=".\logs\stdout" hostingModel="InProcess" />
</system.webServer>
</location>
</configuration>

At the request-filtering allow GET, POST, OPTIONS and the other request types you use in your application. What your setting should look like is:

handler-mapping
The handler mappings of the ASP Core application to deal with CORS
request-filtering
The request-filtering phase

DNS Configuration

Since when you created your DNS name for the subdomain or domain please add it into in the binding section with proper SSL IP and Port are selected. This will cause IIS redirecting the traffic to this IP-related DNS name or subdomain.

Stay with code,