Configuring Kestrel on .NET 7.0, but not quite sure how to do it correctly and need some guidance

Question

I am a beginner in .NET Core and I am trying to configure a custom domain to be able to use HTTPS for my ASP.NET Core 7.0 Web API.

I was following this guide: Custom Local Domain using HTTPS, Kestrel & ASP.NET Core, but as you can see, he uses .NET Core 3.1 and the structure of the files in the project has changed. In .NET Core 7.0 the program.cs and startup.cs file have been merged.

Here is my HostConfig.cs file:

public class HostConfig
{
    public static string CertPath { get; set; }
    public static string CertPassword { get; set; }
}

Here is my program.cs file:

using Dot7.API.CRUD.Data;
using Microsoft.EntityFrameworkCore;

var builder = WebApplication.CreateBuilder(args);

builder.Host.ConfigureServices((context, services) =>
{
  HostConfig.CertPath = builder.Configuration["CertPath"];
  HostConfig.CertPassword = builder.Configuration["CertPassword"];
});

builder.Host.ConfigureWebHostDefaults(webBuilder =>
{
  webBuilder.ConfigureKestrel(opt =>
  {
    opt.ListenAnyIP(5000);
    opt.ListenAnyIP(5001, listOpt =>
    {
      listOpt.UseHttps(HostConfig.CertPath, HostConfig.CertPassword);
    });
  });
});

builder.Services.AddCors(options =>
{
  options.AddPolicy("Cors", p =>
  {
    p.AllowAnyOrigin()
          .AllowAnyHeader()
          .AllowAnyMethod();
  });
});

builder.Services.AddControllers();
builder.Services.AddEndpointsApiExplorer();
builder.Services.AddSwaggerGen();

builder.Services.AddDbContext<databaseContext>(options =>
{
  options.UseSqlServer(builder.Configuration.GetConnectionString("databaseConnection"));
});

var app = builder.Build();

if (app.Environment.IsDevelopment())
{
  app.UseSwagger();
  app.UseSwaggerUI();
}

app.UseCors("Cors");

app.UseHttpsRedirection();

app.UseAuthorization();

app.MapControllers();

app.Run();

When I build and run the application, I get this error message:

C:\Desktop\dotnet7-vue3-crud - Developpment - HTTPS\Dot7.API.CRUD\Program.cs(19,24): warning CS8604: Possible null reference argument for parameter 'fileName' in 'ListenOptions ListenOptionsHttpsExtensions.UseHttps(ListenOptions listenOptions, string fileName, string? password)'. [C:\Desktop\dotnet7-vue3-crud - Developpment - HTTPS\Dot7.API.CRUD\Dot7.API.CRUD.csproj]

Unhandled exception. System.NotSupportedException: ConfigureWebHost() is not supported by WebApplicationBuilder.Host. Use the WebApplication returned by WebApplicationBuilder.Build() instead.

at Microsoft.AspNetCore.Builder.ConfigureHostBuilder.Microsoft.AspNetCore.Hosting.Infrastructure.ISupportsConfigureWebHost.ConfigureWebHost(Action1 configure, Action1 configureOptions)
at Program.$(String[] args)

I don't really understand what this error message means and how to debug it. Can you somebody help me out?

PS: if you require additional files to inspect the issue, don't hesitate to ask.

I tried looking for Youtube videos, but most of the reference material uses an older version of .NET Core and as a beginner it is not really helpful. I also tried using ChatGPT, but obviously, the answer were outdated and not helpful.

I think you can configure kestrel from the environment directly... — Daniel A. White, Jul 11 '23 at 15:12

score 0 · Answer 1 · answered Jul 11 '23 at 15:16

0

Try calling UseKestrel on builder.WebHost:

builder.WebHost.UseKestrel(opt =>
{
    opt.ListenAnyIP(5000);
    opt.ListenAnyIP(5001, listOpt =>
    {
        listOpt.UseHttps(builder.Configuration["CertPath"],  builder.Configuration["CertPassword"]);
    });
});

Note that the approach described in the article with using HostConfig with static properties and relying on initialization order is not very idiomatic.

As for warning - check out Nullable reference types

answered Jul 11 '23 at 15:16

Guru Stron

102,774
10
95
132

What do you mean by "Note that the approach described in the article with using HostConfig with static properties and relying on initialization order is not very idiomatic." exactly? – Oddy Jul 11 '23 at 15:43
@Oddy I mean that this approach relies on action passed to `ConfigureServices` being called before any actual usage of `HostConfig` static properties. Just read the config in appropriate places. – Guru Stron Jul 11 '23 at 15:45
I'm a total beginner at dotnet core api application, so I still don't really understand exactly is the issue here. Are you maybe suggesting that I have the class define directly in the program.cs file? I also tried replacing my code from builder.Host.ConfigureService... with UseKestrel on builder.WebHost instead but that didn't work. Am I doing something incorrectly here? – Oddy Jul 11 '23 at 16:00
@Oddy if you are a beginner the you don't need to configure kestrel at all. Just create a web app from default template and run it. Do you get the same error when using approach from the answer? – Guru Stron Jul 11 '23 at 16:02
In the beginning, I simply ran the webapp from the default template with a few API end-points and connect to it via localhost, but now, I need client PCs on my local network to connect to my webapp and use functionalities like the webcam and if I dont configure kestrel, how can they do API calls over HTTPS? – Oddy Jul 11 '23 at 16:07
@Oddy oh, ok. You have not answered my question though - what exception do you get when using my approach. – Guru Stron Jul 11 '23 at 16:22
Sorry about that, I get a few exception. I can't list all of them, but here are some of them: Unhandled exception. System.Security.Cryptography.CryptographicException: Access denied. at System.Security.Cryptography.X509Certificates.CertificatePal.FilterPFXStore(ReadOnlySpan`1 rawData, SafePasswordHandle password, PfxCertStoreFlags pfxCertStoreFlags) at System.Security.Cryptography.X509Certificates.CertificatePal.FromBlobOrFile(ReadOnlySpan`1 rawData, String fileName, SafePasswordHandle password, X509KeyStorageFlags keyStorageFlags) – Oddy Jul 11 '23 at 16:30
@Oddy I would argue that is out of scope of the question. You need to validate that the certificate installed in the same place it is searched for. I can't help you with that ATM. – Guru Stron Jul 11 '23 at 16:35
Oh, so the error seems to indicate that the certificate cannot be found? or the path is somehow incorrect? – Oddy Jul 11 '23 at 16:38
Let us [continue this discussion in chat](https://chat.stackoverflow.com/rooms/254443/discussion-between-oddy-and-guru-stron). – Oddy Jul 11 '23 at 16:38

Configuring Kestrel on .NET 7.0, but not quite sure how to do it correctly and need some guidance

1 Answers1