ssl not working #29
Comments
|
Hi Michael, You're right that this is a limitation. I will propagate this back to the team to see if we can have better support for HTTPS on Kestrel + Service Fabric. Besides using WebListener, I'd like to check if the following alternative is an acceptable solution to you: Put the certificate in Azure KeyVault (or whatever secure store you'd like to use). When the service is up, use KeyVault API to retrieve the certificate and set it to Kestrel like this: Thanks, |
|
Hi David, I hope there is also WebListerner + SSL Support in the final bits. Currently this doesn’t work without some small modifications Microsoft.ServiceFabric.AspNetCore.Hosting and Microsoft.ServiceFabric.AspNetCore.Gateway! This are my modifications for the other Team. I think they have to bind on http[s]://+:[port] WebHostBuilderExtensions.cs: AspNetCoreCommunicationListener.cs I know Kestrel and I would use it with Service Fabric if there is support for this in the ApllicationManifest.xml and the ServiceManifest.xml Can you share a timeline for the Microsoft.ServiceFabric.AspNetCore.Hosting package from the other team? Of topic: I using windows and I currently do not need cross platform. Is kestrel or WebListerner faster on windows? Greetings |
|
Hi Michael, I've fixed the issue with Microsoft.ServiceFabric.AspNetCore.Hosting to support WebListener (b5ef862). What is the issue with Gateway? I currently don't have a timeline for shipping the components as NuGet packages. I will share it as soon as I know it. Kestrel is the default web server of ASP.NET Core now and it is faster than WebListener on Windows as well. The blog http://web.ageofascent.com/asp-net-core-exeeds-1-15-million-requests-12-6-gbps/ mentioned the result measured upon Kestrel 4 months ago, and the number still keeps increasing. -David |
|
Hi Davis, Thank you for the changes and the information’s about the Performance of Kestrel. With the original code I simple got an status code 500 from the WebListerner when using HTTPS. Hopefully we can use Kestrel with encryption first class in Service Fabric soon ☺ Greetings Von: Weida Zhao [mailto:[email protected]] Hi Michael, I've fixed the issue with Microsoft.ServiceFabric.AspNetCore.Hosting to support WebListener (b5ef862b5ef862). What is the issue with Gateway? I currently don't have a timeline for shipping the components as NuGet packages. I will share it as soon as I know it. Kestrel is the default web server of ASP.NET Core now and it is faster than WebListener on Windows as well. The blog http://web.ageofascent.com/asp-net-core-exeeds-1-15-million-requests-12-6-gbps/ mentioned the result measured upon Kestrel 4 months ago, and the number still keeps increasing. -David — |
Hi,
great code - helped me one of our customers!
ssl is not working because of the use of the kestrel server. A service fabric app has no access to the private keys of a ssl certificate. I think you have to use the WebListener because service fabric gives the WebListener (http.sys) access to this keys.
I have some small modifications and would like to publish my branch to your git repository.
greetings
Michael
The text was updated successfully, but these errors were encountered: