I have an application hosted on IIS with an SSL certificate.
with standard ASP I could configure rewrite in web.config for automatically redirecting to the SSL version.
But how can I do it in core? I want that when someone opens a link over HTTP they will be automatically redirected to HTTPS.
Many thank in advance!
You still may (and should) use web.config
As soon as IIS deals with SSL - your app (Kestrel) receives "clean" HTTP, so it's too late to check for SSL connection in your code. You need to configure IIS to redirect from http to https.
I use this web.config (works in Azure):
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<system.webServer>
<handlers>
<add name="aspNetCore" path="*" verb="*" modules="AspNetCoreModule" resourceType="Unspecified"/>
</handlers>
<aspNetCore processPath="%LAUNCHER_PATH%" arguments="%LAUNCHER_ARGS%" stdoutLogEnabled="false" stdoutLogFile=".\logs\stdout" forwardWindowsAuthToken="false"/>
<rewrite>
<rules>
<clear />
<rule name="Redirect to https" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTPS}" pattern="off" ignoreCase="true" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}{REQUEST_URI}" redirectType="Permanent" appendQueryString="false" />
</rule>
</rules>
</rewrite>
</system.webServer>
</configuration>
In Asp.Net 2.1 and above, in your startup.cs simply add the following in the app Configure method:
public void Configure(IApplicationBuilder app, IHostingEnvironment env)
{
// other app configure code here
app.UseHttpsRedirection();
}
