Custom HTTPS Dev Environment using .NET Core, Kestrel & certificates

Поделиться
HTML-код
  • Опубликовано: 30 ноя 2024

Комментарии • 96

  • @binarythistle
    @binarythistle  4 года назад +14

    ⏲️ *Jump-to Time Codes!* ⏲️
    ----------------------------------------------
    *INTRODUCTION*
    - 2:21 Course Overview
    - 5:46 Demo
    - 6:27 Tooling
    *HTTPS OVERVIEW
    *
    - 6:49 What is HTTPS, SSL & TLS?
    - 7:46 Certificate & Authorities Overview
    - 9:44 What does a certificate contain?
    - 10:30 Public & Private Key Overview
    - 11:48 HTTPS How it Works (Interaction Diagram)
    *LOCALHOST SET UP
    *
    - 14:37 Scaffold Up our API
    - 19:25 Generating a Local Dev Certificate
    - 22:37 The need for a custom domain
    *CUSTOM DOMAIN PART 1
    *
    - 23:56 Update HOSTS File
    - 27:02 Host name resolution order
    - 28:15 Create our Self-Signed Certificate
    - 35:00 Import Certificate into Trusted Root
    *CUSTOM DOMAIN PART 2
    *
    - 36:58 - User Secrets Overview
    - 38:30 - Configure User Secrets
    - 42:14 - Update appsettings.Development.json
    - 44:07 - Create HostConfig static Class
    - 46:00 - Update Program Class - Read in Config
    - 49:55 - Load Certificate into Kestrel
    - 55:13 - Listen on Specific IP Address
    *FINAL THOUGHTS & ACKNOWLEDGEMENTS
    *
    - 57:57 - Wrap Up
    - 58:39 - Credits

  • @adamq272
    @adamq272 2 года назад +7

    You are the only one who explain all the details clearly, I appreciate that. Thanks a lot.

  • @antonyrichard369
    @antonyrichard369 3 года назад +12

    Amazing video. Unbelievable such a kind effort to help others also to learn what you learned. Your sequence of teaching is so good. Thank you very much for this video

  • @insanekelso
    @insanekelso 4 года назад +2

    Greetings from the Scottish Borders. Why has it taken so long for RUclips algo to suggest your videos to my feed?? These are without doubt the best tutorials on RUclips and I watched loads. Love the way you don’t copy/paste code or waffle while typing. Keep them coming

    • @binarythistle
      @binarythistle  4 года назад

      Hi Ian, thanks mate - I wish I had more control over the RUclips algorithm! Glad you've found the channel though and are enjoying the content. Cheers, Les

  • @janivimal
    @janivimal 9 месяцев назад

    Fantastic session with lots of learning , at the same time very interesting to watch. Thank you for putting so much effort in creating and sharing this with developer community. I would love to see more videos taking step further to see how can we deploy this into cloud , ex running as a container. Thanks again !!

  • @TheDemoded
    @TheDemoded 4 года назад +5

    There is a Auto completion in Powershell. If you start typing "convertto-s" and press TAB you'll get "ConvertTo-SecureString".
    It works with parameters and directories\files as well.

    • @binarythistle
      @binarythistle  4 года назад +4

      Hi Andy - where were you a few days ago! You'd have saved me a bit of typing! Great tip & thanks!
      Les

  • @christopherdunderdale7238
    @christopherdunderdale7238 2 года назад

    Suddenly getting the urge for a dram while listening to you Les 😅 Great content thank you!

  • @RobertCoulston_au
    @RobertCoulston_au 4 года назад

    Brilliant - now I understand certificates with some degree of confidence

  • @carlitobrigante293
    @carlitobrigante293 4 года назад

    8:36... "hopefully" we trust ourselves. very deep..

  • @vladeb1104
    @vladeb1104 3 года назад

    Best wishes from Scotland (Balloch).

  • @frankoppermann1877
    @frankoppermann1877 3 месяца назад

    Very nice explained. Great job.

  • @jakubmichalenko7990
    @jakubmichalenko7990 3 года назад

    Thank you very much, I am just finishing my first production Api and I have been stuck on this for past 2 days :DD

  • @petrkassadinovich2705
    @petrkassadinovich2705 4 года назад +1

    Thanks for tutorial!
    Btw, you can read configuration file just from .ConfigureKestrel( ), so you don't need to use custom class HostConfig for passing values.
    .ConfigureWebHostDefaults(webBuilder =>
    {
    webBuilder.ConfigureKestrel((context, kestrel) =>
    {
    var file = context.Configuration["CertificateFileLocation"];
    var password = context.Configuration["CertPassword"];
    });
    })

  • @YenHoMinh-m7u
    @YenHoMinh-m7u Год назад

    Amazing video. I hope u make another tutorial video for docker

  • @manishrao18
    @manishrao18 3 года назад +1

    Just in case, for intellisense use Windows Powershell ISE and use TAB key for auto-complete

  • @Adronius
    @Adronius 2 года назад

    Would be great to see that updated for .NET 6

  • @msharief6273
    @msharief6273 3 года назад

    Thank you! It was treat to watch this video! Loved it ! Enjoyed it !

  • @parsalotfy
    @parsalotfy 3 года назад

    your tutorials are great man , great, thank you a million

  • @ardonbailey2654
    @ardonbailey2654 4 года назад

    Thank you for making this. Super helpful. I always appreciate all your videos.

  • @ricardopfeuti9831
    @ricardopfeuti9831 4 года назад

    Hi Les. I would like to thank you so much for providing this tutorial. It helped me a lot.

  • @buddyrowe7460
    @buddyrowe7460 4 года назад

    Hey Les, very well done! Thank you. I've been scouring the Internet trying to find how to use my TLS cert in Kestrel.

  • @ankushmadankar1756
    @ankushmadankar1756 Год назад

    Very nice video! Saved my day.. Just a question will this work with CA signed certificate on production?

  • @rsodeyi
    @rsodeyi 4 года назад

    Thank you so much for this. Even the parts you said you wouldn't go deep into were plenty. I was able to secure my local dns and understand better how the whole thing hangs together.
    My issue is that I am working with Nativescript and just for added measure, SignalR as well.
    I've been struggling with trying to get an Android Emulator to communicate with my server while it ignores my hosts file and has it's own version of all my DNSs ...good times.
    I don't see it on your channels as yet but I'm really really hoping it's an area you are planning to explore.
    However, getting this ssl part has really helped to get to the next step of Jumanji Infinity

  • @marlonchosky
    @marlonchosky Год назад

    Thanks so much dude! You're video is helping me a lot.
    Question, if I don't want to create a domain name but only use the ip address of my machine, will I only need to generate the certificate but using the ip address instead of the domain name?

  • @everyonesview
    @everyonesview 4 года назад +1

    I have enjoyed this one than any other, Les! Many thanks ❤

    • @binarythistle
      @binarythistle  4 года назад

      Awesome! Wasn't sure about this topic to be honest, it's a little outside of what I usually do, but thought people might find it useful! Glad you enjoyed it!

  • @anasameen6391
    @anasameen6391 4 года назад +1

    finally it's nice to see you again 🎉🎉

  • @luizacacio2012
    @luizacacio2012 2 года назад

    Jackson, do you have any videos showing api with digital authentication? I need to prepare my api to receive notification from a webhook, which uses mtls for communication.

  • @rogerfernandes7269
    @rogerfernandes7269 3 года назад

    You're amazing sir, getting to learn loads of useful stuff from you. Thank you. Keep up the good work.

  • @motomiprysork4923
    @motomiprysork4923 3 года назад +1

    Thank you for another great video! I followed along with my API and works great within my dev machine. One question though in my dev environment, I need to call this API from another dev machine (2nd machine) in the same network. I'm trying to reach the API using IP address since I don't have the host file set up on the 2nd machine. I'm getting certificate issue. These 2 machines can ping each other.

  • @jasonbartlett1357
    @jasonbartlett1357 2 года назад

    Great tutorial. I'm doing this in .NET 6 and using minimal api approach. I have a question about using options.ListenAnyIP vs. the Dns host approach: If use ListenAnyIP, when I run the app, it opens to the url I have in the config, (and the url matches the cert url), But, if I use the resolved DNS ip, when I run the app, it doesn't open the url, and if I go to the url, it can't validate the certificates. So what options can I use to have it go to the url, rather than try to use the ip address?

  • @2005bgva
    @2005bgva 4 года назад

    Fantastic video, thanks a lot. One question, are you going to do a video for a production enviroment?

  • @MarcioAntonioSlivak
    @MarcioAntonioSlivak 4 года назад

    Thank you very much, you saved my weekend.

  • @saurabhchauhan232
    @saurabhchauhan232 4 года назад

    Thank you very much for this video sir,I really enjoy watching video on this channel.God bless you.

    • @saurabhchauhan232
      @saurabhchauhan232 4 года назад

      can you make video on real world problem and solution with design patterns

    • @binarythistle
      @binarythistle  4 года назад

      You are most welcome Saurabh!

  • @mister_stadler
    @mister_stadler Год назад

    Fantastic! Thanks a lot!

  • @shahid13384
    @shahid13384 3 года назад

    Thank you for great explanation

  • @paulsanchez5030
    @paulsanchez5030 Год назад +1

    Did you find a good Open SSL article?

  • @stampgermany
    @stampgermany 3 года назад

    You've helped a lot!
    Thanks!

  • @shaktisingh-lu3dm
    @shaktisingh-lu3dm Год назад

    Thanks a lot for such great help :)

  • @Teutathis
    @Teutathis 4 года назад

    DHCP is Dynamic Host _Configuration_ Protocol. Great video though

  • @nathanwaterman4380
    @nathanwaterman4380 3 года назад +1

    `dotnet dev-certs https --trust` doesn't work for me. It creates the certificate but doesn't Trust it. It only appears under Personal Certificates :/

    • @nathanwaterman4380
      @nathanwaterman4380 3 года назад

      Brilliant! As part of following this tutorial I discovered that my anti-virus, WebRoot, was blocking the creation of trusted certificates. It was also stopping me from the updating the host file.

  • @arun3836
    @arun3836 4 года назад +1

    Hi Les , Great video . I really enjoyed it.

    • @binarythistle
      @binarythistle  4 года назад

      Glad you enjoyed it Arun, Cheers, Les

  • @AGMXZ1
    @AGMXZ1 4 года назад

    Thanks Les. I'm struggling with getting my react app and jquery to talk to my local webapi so I'm hoping this does the trick.

    • @AGMXZ1
      @AGMXZ1 4 года назад

      Still failing for me. I'm trying this on my corporate desktop computer. When I run the GET against the weatherforecast from Postman with HTTPS verification enabled it also fails. When I disable verification I get data back, even using the DNS name which is cool, but the SSL verification fails. When I look at the warning in the Postman console I get:
      Warning: Unable to verify the first certificate
      When I look further down in the warning in the TLS section I see something perhaps more specific.
      authorizationError: "UNABLE_TO_VERIFY_LEAF_SIGNATURE"

  • @glennsingh354
    @glennsingh354 2 года назад

    Thanks a lot for this wonderful content.

  • @ayxanalifov2791
    @ayxanalifov2791 4 года назад

    Thanks so much... Very high quality content !!!

  • @patrickcandlin7420
    @patrickcandlin7420 6 месяцев назад

    ❤ PowerShell here

  • @lifeisgameplayit
    @lifeisgameplayit 2 года назад

    I like your content , thanks m8 !

  • @KritX01
    @KritX01 4 года назад +1

    Hey Les, thanks for the amazing content that you put out! It really helps us! I would like to ask you if you could do a video on microservices and microservices internal communication. How would one do it and if can we use kubernetes to scale the microservices. Thanks!

    • @binarythistle
      @binarythistle  4 года назад +1

      HI there, next videos I'm doing will beL API Gateway, Service Mesh and Asynchronous messaging, all of which really talk about Microservices!

    • @KritX01
      @KritX01 4 года назад

      @@binarythistle oh yes please thank you! :D

  • @diegobaroffio4462
    @diegobaroffio4462 4 года назад

    Hi Les, Thank you for your very well structured video, it's great.
    One question: Any reason why not reading the certificate from the Certificate Store instead of reading from file?
    This way you don't have even to worry with passwords.
    Regards.

  • @LakhanSINGH-rk9et
    @LakhanSINGH-rk9et 4 года назад

    Hi Les , This was a great video . Totally loved it
    Would you be making video on EshopOnContainers microservices ?

    • @binarythistle
      @binarythistle  4 года назад

      Hi Lakhan, yes I'm working on something at the moment, I've taken EshopOnContiners and am re-working it slightly to make it easier to teach with. Hopefully not too long before I complete it.

    • @LakhanSINGH-rk9et
      @LakhanSINGH-rk9et 4 года назад

      @@binarythistle Thanks Les , Waiting for that video to come out. Would be supporting that video on patreon

  • @mateuszkaleta1495
    @mateuszkaleta1495 2 года назад

    is this a big difference when we configure our SSL only in application code / or only in server configuration?

  • @maxbitran
    @maxbitran 4 года назад

    Thanks man! Really helpful.

  • @aikidoshi007
    @aikidoshi007 4 года назад +3

    Hi Les, nice video, this has always been a mystery to me. One issue I have noticed is that although Edge works as shown, Chrome still says the certificate is Invalid. Not sure why, any ideas? It does come good after setting up the certificate etc.
    Bad luck about Melbourne being back in lockdown, I'm in Forest Hill and was excited about starting to get out again :-(

    • @binarythistle
      @binarythistle  4 года назад +3

      Hi Steve. This drove me crazy for a bit until I restarted the browser! I should have mentioned that in the video. Drop us a line if that doesn't resolve it - seems to be working in Chrome for me, (after the restart). Another thing I should have mentioned is that Firefox uses its own cert store so uses will need to import the cert following these instructions: knowledge.digicert.com/solution/SO5437
      Yeah lock-down again is a pain, but I guess it's for the greater good! Hopefully the numbers start to drop. Thanks for feeding back, and stay safe, Les

    • @radeksendecki9922
      @radeksendecki9922 4 года назад

      I had the same issue. Thanks for Your question and aswer :)

  • @aliascross
    @aliascross 3 года назад

    Thanks, It's works well with Edge browser, but in my case, it does not work with Firefox or Safari (which ask to add an exception).
    Custom Certificate is it the good way to use API https connection a LAN Production project ?

  • @petargavrilov976
    @petargavrilov976 2 года назад

    Hi Les. I wonder why don't we remove the http entry from application url and just use https only ?

  • @gajarubanjeyakumar7226
    @gajarubanjeyakumar7226 2 года назад

    Thankyou!

  • @darshanyadav4784
    @darshanyadav4784 2 года назад

    Hello, I've a doubt. How do change the url length in kestrel so that I can pass strings of larger length?

  • @anbupa
    @anbupa Год назад

    Hola desde chile.. Si no quisiera levantarlo con Kestrel sino por iis express como sería?

  • @bblair2010
    @bblair2010 3 года назад

    Hey Les, I would I get this to work when deployed in Azure?

  • @alxizr
    @alxizr 4 года назад

    @Les Jackson
    #Les Jackson
    Hi, I was wondering if there is a way to utilize Typescript with dotnet core 3.1 and web api? I would really love to see the use of Typescript in the backend on dotnet core.

  • @vpep5439
    @vpep5439 4 года назад

    Thank you very much for sharing videos

  • @EminoMeneko
    @EminoMeneko Год назад

    On my work machine it... works.
    On Linux too.
    On my personal machine it... gets personal and throws 'System.Security.Cryptography.CryptographicException' occurred in System.Security.Cryptography.dll: 'Access denied.'
    Any idea what makes it break ?

  • @CarlosAndres-lv1zq
    @CarlosAndres-lv1zq 4 года назад

    Thank you so much

  • @crazyhiker379
    @crazyhiker379 4 года назад

    Thanks boss for your contents.

  • @joseperezbalan7788
    @joseperezbalan7788 Год назад

    could you make a video for certs in ubuntu or linux base os ?, i have spend three days and still have not got it to work.. dev certs for linux is a pain in the ass .

  • @nick11927
    @nick11927 4 года назад

    Thank you!

  • @kalpeshblue2
    @kalpeshblue2 4 года назад +1

    Super Like

  • @DanielFantaneanu
    @DanielFantaneanu 3 года назад

    nice

  • @3AgL3DeeJay
    @3AgL3DeeJay 4 года назад

    PLEASE HELP MEE!!!
    Amazing video but if I add that "var host = Dns.GetHostEntry("");" line in program.cs my code jumps to that line instead of entering into ".ConfigureServices((context, services) =>"... any idea why??? I'm trying to get the string with the domain from config so I'm using it like this: prnt.sc/vwnlaq
    thanks!

    • @3AgL3DeeJay
      @3AgL3DeeJay 4 года назад

      Solved it! Now I get a "The requested address is not valid in its context" error....

    • @3AgL3DeeJay
      @3AgL3DeeJay 4 года назад

      Nevermind, I solved it! :D I was using the domain IP in the localhost. Thanks for the video man!

  • @khaledslaimia3135
    @khaledslaimia3135 4 года назад

    what i fin dissapointing is a channel like that where we find a real treasure have little subscribers meanwhile gaming channels have millions.

  • @geojaya
    @geojaya 4 года назад

    Any one knows how to CA Signed Certificate to a custom domain using Kestrel

  • @zenobiusztasak8604
    @zenobiusztasak8604 3 года назад

    Does it work on .net 5 ? I get an error NET::ERR_CERT_COMMON_NAME_INVALID