ubuntu asp net core web API,无法配置HTTPS端点

fivyi3re  于 2023-02-07  发布在  其他
关注(0)|答案(1)|浏览(213)

我正尝试在我的ubuntu机器上运行一个测试web api。
Ubuntu 22.10网络版7.0Apache2
My Program.cs包含以下内容

using Autofac.Extensions.DependencyInjection;
using WebApplication1;

public class Program
{
    public static void Main(string[] args)
    {
        // ASP.NET Core 3.0+:
        // The UseServiceProviderFactory call attaches the
        // Autofac provider to the generic hosting mechanism.
        var host = Host.CreateDefaultBuilder(args)
            .UseServiceProviderFactory(new AutofacServiceProviderFactory())
            .ConfigureWebHostDefaults(webHostBuilder => {
                webHostBuilder
                    .UseContentRoot(Directory.GetCurrentDirectory())
                    .UseKestrel()
                    .UseStartup<Startup>();
            })
            .Build();

        host.Run();
    }
}

我的创业公司

using System.Net;
using Autofac;
using Autofac.Extensions.DependencyInjection;
using Microsoft.AspNetCore.Server.Kestrel.Core;

namespace WebApplication1;

public class Startup
{
  // ConfigureServices is where you register dependencies. This gets
  // called by the runtime before the ConfigureContainer method, below.
  public void ConfigureServices(IServiceCollection services)
  {
    // Add services to the collection. Don't build or return
    // any IServiceProvider or the ConfigureContainer method
    // won't get called. Don't create a ContainerBuilder
    // for Autofac here, and don't call builder.Populate() - that
    // happens in the AutofacServiceProviderFactory for you.
    services.AddOptions();
    services.AddAutofac();
    services.AddControllers();
    services.AddSwaggerGen();
    //
    // services.Configure<KestrelServerOptions>(options =>
    // {
    //   options.Listen(IPAddress.Any, 5000, listenOptions =>
    //   {
    //     listenOptions.UseHttps("/home/bp/dev/dotnet/cloud-app/server.crt", "/home/bp/dev/dotnet/cloud-app/server.key");
    //   });
    // });
  }

  // ConfigureContainer is where you can register things directly
  // with Autofac. This runs after ConfigureServices so the things
  // here will override registrations made in ConfigureServices.
  // Don't build the container; that gets done for you by the factory.
  public void ConfigureContainer(ContainerBuilder builder)
  {
    // Register your own things directly with Autofac here. Don't
    // call builder.Populate(), that happens in AutofacServiceProviderFactory
    // for you.
    builder.RegisterModule(new WebModule());
  }

  // Configure is where you add middleware. This is called after
  // ConfigureContainer. You can use IApplicationBuilder.ApplicationServices
  // here if you need to resolve things from the container.
  public void Configure(
    IApplicationBuilder app,
    IWebHostEnvironment env)
  {
    if (env.IsDevelopment())
    {
      app.UseDeveloperExceptionPage();
      app.UseSwagger();
      app.UseSwaggerUI(options =>
      {
        options.SwaggerEndpoint("/swagger/v1/swagger.json", "v1");
        options.RoutePrefix = string.Empty;
      });            
    }
            
    app.UseRouting();
    app.UseEndpoints(endpoints => endpoints.MapControllers());
  }
}

当我改变我的launchSettings来启动一个http页面时,它工作正常。我得到了一个带有我的无意义web api调用的swagger页面,我可以执行它。
但是当我恢复到https时,它一直抛出这个异常

System.InvalidOperationException: Unable to configure HTTPS endpoint. No server certificate was specified, and the default developer certificate could not be found or is out of date.
To generate a developer certificate run 'dotnet dev-certs https'. To trust the certificate (Windows and macOS only) run 'dotnet dev-certs https --trust'.

我尝试了一些chat gpt建议,它们建议创建一个自签名证书,如下所示

openssl req -x509 -newkey rsa:2048 -keyout server.key -out server.crt -days 365 -nodes

可按如下方式进行测试

openssl x509 -noout -text -in server.crt

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3a:26:ee:88:0e:13:0b:d5:ef:c7:47:44:d2:e0:5e:3d:a7:87:e9:62
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C = AU, ST = Some-State, O = Internet Widgits Pty Ltd
        Validity
            Not Before: Feb  6 22:29:08 2023 GMT
            Not After : Feb  6 22:29:08 2024 GMT
        Subject: C = AU, ST = Some-State, O = Internet Widgits Pty Ltd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:b2:31:75:2b:90:18:67:86:87:85:b2:b4:c0:ee:
                    0f:df:60:f0:b8:e4:17:02:46:e5:e7:5e:b7:ed:b1:
                    65:5e:a3:e2:77:90:ca:5e:ce:1a:62:19:a7:0d:2f:
                    87:9b:dd:19:ef:4d:30:84:0e:5a:b2:34:2a:40:a0:
                    ea:38:19:23:ed:e5:eb:3a:7e:b1:6b:a4:10:32:72:
                    ad:21:ed:56:cc:6c:42:2d:ea:01:40:49:d3:2e:cd:
                    fb:89:cc:f2:47:70:d2:d2:57:b6:5b:7f:0b:81:86:
                    d7:d0:6c:85:11:e7:41:c0:01:48:56:d8:ad:4e:2e:
                    ea:54:14:76:c6:74:8e:a6:a6:dd:ea:d1:89:33:8c:
                    d1:96:b4:6f:28:f6:cf:80:3e:63:c7:0f:fd:fd:23:
                    0e:86:1d:e5:c8:b9:4c:5a:04:57:ec:a1:a7:5b:03:
                    30:79:de:c0:b9:31:c4:c7:3a:54:ee:bc:55:d1:01:
                    11:6f:8d:d1:32:d2:94:ce:71:04:44:fe:45:c5:5c:
                    de:7e:8e:bc:8d:00:30:8a:be:be:1d:a0:3b:6d:4c:
                    c7:88:fb:9a:70:76:b3:6c:90:15:b9:19:16:9a:7d:
                    2a:3b:0f:80:26:4f:14:ba:58:d0:d3:b2:53:08:1e:
                    ba:7b:1c:b3:34:31:1a:cb:4c:ab:bc:ac:27:64:40:
                    dd:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                5C:17:2E:88:54:23:C8:2B:11:92:D9:C8:61:73:3D:A9:22:49:B3:D2
            X509v3 Authority Key Identifier: 
                5C:17:2E:88:54:23:C8:2B:11:92:D9:C8:61:73:3D:A9:22:49:B3:D2
            X509v3 Basic Constraints: critical
                CA:TRUE
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        76:0f:dc:42:9d:f2:9b:d3:73:84:5c:26:0b:b6:cf:d1:e2:40:
        88:fb:dd:aa:78:6f:45:b0:f8:03:57:f7:cd:cf:69:f6:b1:e7:
        d6:72:52:28:f0:21:80:18:b2:d8:33:c5:3a:93:b4:10:17:11:
        eb:d0:42:6c:e4:9a:0d:60:76:b3:7d:c5:0a:d7:f9:85:ff:1c:
        6b:83:e2:9d:bc:0d:81:81:63:0f:b6:56:e7:69:e8:5b:a3:ce:
        24:88:83:e6:cd:c4:b7:80:2e:56:a3:fa:24:71:c7:b0:00:10:
        4a:00:bf:a4:ac:51:9e:35:3f:d1:8f:c9:81:9f:7e:49:87:e8:
        96:3a:3e:a0:71:7d:f6:a6:09:b8:47:c4:1d:37:23:16:7b:fa:
        29:c9:c2:16:b9:e5:1c:fb:8b:83:8a:e2:fe:5f:b6:92:fe:01:
        b2:20:1c:fe:09:5d:5b:81:7c:d9:91:d2:41:f5:42:fa:81:ac:
        ed:6d:81:07:66:28:3b:2f:95:53:a2:f1:9a:80:3e:18:32:58:
        df:dc:ad:e5:79:74:cf:79:16:4a:c0:e3:b3:f1:37:ce:d0:e9:
        94:15:2e:ed:8a:31:c4:48:56:0d:06:60:22:15:e6:23:09:62:
        e0:cb:92:ec:6e:53:12:f5:6e:04:f3:9b:33:8a:6c:39:6f:b5:
        a6:62:ec:40

以及

openssl rsa -noout -text -in server.key

Private-Key: (2048 bit, 2 primes)
modulus:
    00:b2:31:75:2b:90:18:67:86:87:85:b2:b4:c0:ee:
    0f:df:60:f0:b8:e4:17:02:46:e5:e7:5e:b7:ed:b1:
    65:5e:a3:e2:77:90:ca:5e:ce:1a:62:19:a7:0d:2f:
    87:9b:dd:19:ef:4d:30:84:0e:5a:b2:34:2a:40:a0:
    ea:38:19:23:ed:e5:eb:3a:7e:b1:6b:a4:10:32:72:
    ad:21:ed:56:cc:6c:42:2d:ea:01:40:49:d3:2e:cd:
    fb:89:cc:f2:47:70:d2:d2:57:b6:5b:7f:0b:81:86:
    d7:d0:6c:85:11:e7:41:c0:01:48:56:d8:ad:4e:2e:
    ea:54:14:76:c6:74:8e:a6:a6:dd:ea:d1:89:33:8c:
    d1:96:b4:6f:28:f6:cf:80:3e:63:c7:0f:fd:fd:23:
    0e:86:1d:e5:c8:b9:4c:5a:04:57:ec:a1:a7:5b:03:
    30:79:de:c0:b9:31:c4:c7:3a:54:ee:bc:55:d1:01:
    11:6f:8d:d1:32:d2:94:ce:71:04:44:fe:45:c5:5c:
    de:7e:8e:bc:8d:00:30:8a:be:be:1d:a0:3b:6d:4c:
    c7:88:fb:9a:70:76:b3:6c:90:15:b9:19:16:9a:7d:
    2a:3b:0f:80:26:4f:14:ba:58:d0:d3:b2:53:08:1e:
    ba:7b:1c:b3:34:31:1a:cb:4c:ab:bc:ac:27:64:40:
    dd:5d
publicExponent: 65537 (0x10001)
privateExponent:
    4e:62:f6:4d:af:0a:25:44:67:4a:77:a6:0e:f6:ca:
    71:b3:e5:c1:17:c9:4d:5d:9d:d6:0d:73:30:b3:28:
    4a:1d:22:cb:01:1d:1c:de:62:79:c4:1a:19:f1:4e:
    20:d0:ff:0f:27:70:0f:af:76:d3:4c:a2:47:a2:e1:
    d5:c2:ad:6d:02:06:db:c9:0e:c8:30:b8:55:50:df:
    fb:7c:3a:02:1c:1f:72:ae:2d:55:b8:04:17:e3:51:
    e3:39:0e:5d:41:f2:e3:c7:e4:f6:d3:e8:de:56:50:
    8a:a5:aa:56:09:5a:81:99:ae:d6:51:63:cf:70:50:
    f1:a2:bc:eb:29:2b:f5:7f:d5:73:09:19:ea:63:1b:
    2a:f6:98:f8:cd:e9:85:55:60:a1:3a:dc:23:fc:26:
    d6:32:2c:6f:8e:c9:be:9e:0a:33:ef:6d:26:63:88:
    2c:b3:7a:e6:01:f1:3c:8e:7b:dc:f1:45:c5:b6:a7:
    05:f6:9c:47:04:13:bb:63:50:3a:8a:0b:67:1a:58:
    2a:da:71:41:2d:ae:67:7e:36:96:79:ac:d3:5f:dd:
    31:15:de:5d:78:b1:72:ae:76:56:5d:2f:a9:a9:73:
    69:76:66:69:4c:2f:0b:47:cc:d1:47:77:a5:c8:07:
    be:d5:cc:a2:1a:e3:a3:c6:f5:2e:e0:3f:b4:1d:c8:
    0b
prime1:
    00:b9:5a:ba:fa:d9:0c:cc:27:9b:b9:51:97:08:81:
    61:a8:8f:9a:6a:ec:83:56:0a:24:cb:83:32:b3:43:
    4f:cd:89:52:eb:55:e9:b0:c5:01:52:f6:51:0f:16:
    1f:46:d8:d4:44:ea:11:29:c5:72:c5:5a:54:19:03:
    29:f1:7c:0d:be:72:c7:41:3c:c6:5d:e0:da:69:84:
    86:2b:b9:c3:73:a8:59:ab:c7:61:ad:bb:90:0c:15:
    11:c3:6b:83:a3:c6:3c:64:fd:f9:94:73:17:ba:55:
    cc:30:fb:f5:d3:58:c2:7e:f1:a8:27:fd:b1:22:07:
    73:07:7e:13:7c:29:d2:18:af
prime2:
    00:f6:1b:ff:68:29:60:7a:ce:74:4a:ea:88:87:3b:
    65:8d:2e:ce:56:89:86:2d:f3:b4:22:f4:37:49:12:
    de:ff:18:63:39:4c:35:16:7a:98:29:3a:23:a5:db:
    f1:bc:f1:53:32:e6:04:cc:07:8f:52:12:05:ea:7d:
    67:e7:c6:e6:33:b0:ff:23:ac:4e:e3:8b:4e:64:93:
    b1:5b:c7:16:5b:d3:7d:16:25:09:62:5d:85:f7:7d:
    ed:0d:66:df:8b:b6:2e:3a:92:91:91:89:8e:4a:c8:
    4c:23:71:eb:07:8f:b7:2f:01:19:e7:51:c3:dd:4d:
    84:65:5a:d7:f5:79:30:d5:b3
exponent1:
    46:a1:31:30:d7:36:8e:30:e5:a1:17:5b:13:0d:a2:
    36:06:0a:94:85:ed:82:02:b9:84:a7:48:d1:90:6b:
    bf:69:7d:a4:59:87:84:29:7d:d8:ac:2d:b5:2e:fb:
    da:16:53:c4:b2:e0:b9:67:18:d5:e5:16:b8:b5:40:
    ed:59:15:2f:a6:33:11:43:e4:5e:ef:88:aa:be:aa:
    15:cd:62:92:16:eb:9c:8e:8c:45:14:7c:ce:6d:d4:
    e7:ff:77:19:18:37:f9:4f:e2:23:d4:3b:8d:70:96:
    2f:70:43:7b:36:8e:5e:ab:1d:25:a8:01:30:73:60:
    3c:d1:a9:01:1e:3a:85:d7
exponent2:
    1b:6a:d1:10:44:93:c7:fa:9a:00:02:92:c5:25:fb:
    d1:37:a6:ab:03:55:1c:67:6a:e8:fd:f5:ee:c1:18:
    70:a8:c1:dd:0f:3d:56:cc:bf:88:d0:3e:4a:6a:ef:
    4a:52:44:27:86:72:80:5c:53:3e:1c:5d:e6:5a:a4:
    29:b1:01:d2:3e:64:9e:0f:c3:16:1c:5d:d6:5c:91:
    c4:9c:b0:43:f8:92:95:d5:f8:6e:a9:e6:93:c4:c6:
    94:d8:a2:0c:c9:75:ea:f6:8b:1b:00:8d:06:8d:bb:
    d5:b3:0a:30:e4:74:ce:da:bb:8d:06:91:e0:64:93:
    5c:4b:3b:85:d0:43:7d:7b
coefficient:
    00:b2:18:91:db:05:0c:89:ad:b8:3f:69:9b:d6:dd:
    55:66:35:30:eb:ff:2a:4f:3a:d6:98:f0:c9:99:ad:
    48:d0:53:15:ef:e5:c9:69:db:80:7c:68:86:c1:02:
    58:b1:43:2d:6a:40:e1:81:97:1c:65:c8:55:10:83:
    3a:33:24:e5:47:30:16:da:95:dd:a6:29:02:1d:61:
    dc:27:4e:0b:d8:c8:4c:6f:60:1b:39:9f:03:1b:c0:
    3b:d9:d3:89:87:cd:58:e3:39:38:ed:d9:7d:75:4a:
    a4:32:fa:71:f7:ed:a7:04:5c:29:61:fc:4d:3e:63:
    a0:f3:4a:18:5a:ee:8c:7f:02

我猜这是正确的输出。从来没有做过任何与证书之前,所以不是真的确定我在寻找什么;-).
无论如何,当我在ConfigureServices中启用KestrelServerOptions

public void ConfigureServices(IServiceCollection services)
  {
    // Add services to the collection. Don't build or return
    // any IServiceProvider or the ConfigureContainer method
    // won't get called. Don't create a ContainerBuilder
    // for Autofac here, and don't call builder.Populate() - that
    // happens in the AutofacServiceProviderFactory for you.
    services.AddOptions();
    services.AddAutofac();
    services.AddControllers();
    services.AddSwaggerGen();
    
    services.Configure<KestrelServerOptions>(options =>
    {
      options.Listen(IPAddress.Any, 5000, listenOptions =>
      {
        listenOptions.UseHttps("/home/bp/dev/dotnet/cloud-app/server.crt", "/home/bp/dev/dotnet/cloud-app/server.key");
      });
    });
  }

调试我的应用程序,它会抛出

System.NotSupportedException: The server mode SSL must use a certificate with the associated private key.
   at System.Net.Security.SslStreamCertificateContext.Create(X509Certificate2 target, X509Certificate2Collection additionalCertificates, Boolean offline, SslCertificateTrust trust)
   at Microsoft.AspNetCore.Server.Kestrel.Https.Internal.HttpsConnectionMiddleware..ctor(ConnectionDelegate next, HttpsConnectionAdapterOptions options, ILoggerFactory loggerFactory)
   at Microsoft.AspNetCore.Hosting.ListenOptionsHttpsExtensions.<>c__DisplayClass12_0.<UseHttps>b__0(ConnectionDelegate next)
   at Microsoft.AspNetCore.Server.Kestrel.Core.ListenOptions.Build()
   at Microsoft.AspNetCore.Server.Kestrel.Core.KestrelServerImpl.<>c__DisplayClass30_0`1.<<StartAsync>g__OnBind|0>d.MoveNext()

chat gpt现在给出的唯一建议是重新迭代我已经做过的步骤,我试了三次,但是我没有发现任何错误。
我怎样才能让我的https工作?

hzbexzde

hzbexzde1#

如果将鼠标指针放在该方法上,您会发现:

此方法适用于.pfx文件,不适用于.crt和.key
您可以查看此文档并选择一个解决方案

相关问题