I run a .Net 6 API on my Raspberry PI. I can get data from this API using the browser “https://192.168.178.51:7001/swagger/” . Also getting data from entering the url “https://192.168.178.51:7001/api/status/” returns the expected values. So the API is working so far. But when I try to get data from my Blazor WASM App using HTTPClient I get no data. Inspect the browser shows the following message:
GET https://192.168.178.51:7001/api/Status net::ERR_CERT_AUTHORITY_INVALID
How can I fix this? Do I have to install a SSL Certificate? How to do this for a self contained API?
You will need, at minima, a self-sign certificate. Then you will need to let your browser accept a self-sign.(Advance, Proceed to ServerIp)
Now, I do not know what OS you are using in your Raspberry, but for a Beaglebone(similar to Raspberry Pi) with Debian and nginx, here is the procedure
https://www.digitalocean.com/community/tutorials/how-to-create-a-self-signed-ssl-certificate-for-nginx-on-debian-10
You will need the same kind of steps for which ever OS and webserver(Apache, nginx...Kestrel?).
Using a reverse proxy will be the solution, as described here: https://learn.microsoft.com/en-us/aspnet/core/host-and-deploy/linux-nginx?view=aspnetcore-6.0
Quote from the article:
Kestrel is great for serving dynamic content from ASP.NET Core. However, the web serving capabilities aren't as feature rich as servers such as IIS, Apache, or Nginx. A reverse proxy server can offload work such as serving static content, caching requests, compressing requests, and HTTPS termination from the HTTP server.
Using a reverse proxy I can set a certificate.
Related
I have one website with https for example https://mywebsite.com. This website is working fine properly. Now one fast api app is provided to host on the same website.
I deployed the fast api which is accessible on Server_IP:8000.
How can i access this fast api under website/domain name https://mywebsite.com that also under ssl certificate. I also want to disable exposure to port No. 8000 on which fast api is working.
I m using ubuntu 20.04 & nginx. Please correct me if there is any gap or if I am missing something. I am New in the filed of DevOps.
I have a website on blazor server that will need to scale in the future i.e. there will be several servers. How to do balancing on blazor server using Nginx? In this case, it is necessary that the session is also saved, i.e. did not throw out in case of turning off one of the servers.
Microsoft describes how to load-balance on Linux using NGINX on the following page:
ASP.NET Core SignalR hosting and scaling
I installed an ASP.net application on a windows Azure VM (IIS 7). SSL certificate is installed, configured and the application works correctly. I have removed Http binding and http endpoints.
The issue I am having is that if I use the cloudapp.net link (using https), the application still opens with a mismatched certificate.
What can I do to deny any user from opening my application using https://xx.cloudapp.net/x?
It seems really silly that people are saying this isn't the right place for this question, since some of the solutions could be code related. ie: In your application, check the host and if it's cloudapp.net, do a URL redirect.
There's a few different options here but it sounds like what you're looking for is just the ability to prevent someone from viewing the application using that URL.
What I would do is set up a site in IIS that uses Host Header resolution to look for xx.cloudapp.net. If that URL is recognized, do a redirect using the HTTP redirect settings to the https version of your app. Don't bind the SSL port to this site or you'll run into SSL errors like you showed above.
The other option is to leave it out entirely and simply use the Host Header resolution to filter out requests for your site. I suspect what you've done is assign all incoming requests to the only IP address on the system, which is why the xx.cloudapp.net is showing your app and the cert is failing.
This would cause xx.cloudapp.net to fail to show any site at all but I think that might be what you want to do anyway.
Is it possible to install a proxy locally (on Windows XP) and redirect, for example, all traffic from "google.com" to "yahoo.com".
If I call http://www.google.com/test it should redirect it to http://www.yahoo.com/test and return the response from yahoo.
Long story short : I have an old program and there is a URL used in it (for a Web service), but the value of the URL is compiled in the app.
For now, it's connecting in production but I'd like to make some tests in QA, so I would just redirect the URL "http://prod.webservice.website.com" to "http://qa.webservice.website.com" without having to recompile the old application.
Maybe Fiddler will do the job. It's a local proxy that is capable of transforming requests.
You can setup a host file (or edit), if it's just your computer. Would that suffice?
we have a site (https://oursite.net) in which we display a videostream hosted on http (http://someserver.com). The site needs to be hosted on https, and we don't control the video, so I'm assuming it needs to be on http. we recently added the option to play the stream through the silverlight asp:MediaElement, which works perfectly fine in our test environment (on http) but doesn't work in production (https).
The info on the web is somewhat confusing as I'm having a hard time differentiating between how this stuff worked at different stages in the silverlight development (seems to have been a bit to and fro)
Is this setup possible at all (hosting the player on https but playing a stream on http) with some sort of policy file?
in that case: does this policy file need to be hosted with the silverlight app (on https) or where the streams are located (http)
Thanks for your time
Andreas
You are running into a cross-scheme violation unfortunately. The stream would need to match the same scheme (https) as the hosting application. Unfortunately most streaming isn't available in HTTPS.
Can you check the enableHtmlAccess property on the object tag to make sure it is true? Most media players end up using the HTML DOM bridge to communicate with the web page.
It's also likely that there is a cross-scheme issue: you should try and optimize for all assets being on the same scheme (HTTP or HTTPS).