Enforcing SSL topic: HTTPS_PORT env var details #7767
Conversation
|
FYI I'm out at an event most of the week, I'll catch up on these later in the week. |
aspnetcore/security/enforcing-ssl.md
Outdated
| * `ASPNETCORE_HTTPS_PORT` environment variable. | ||
| * `ASPNETCORE_HTTPS_PORT` environment variable when the app relies on either of the following host configuration approaches. Otherwise, the port is configured by setting the `HTTPS_PORT` environment variable. | ||
| - The app runs on the [Web Host](xref:fundamentals/host/web-host). | ||
| - The app uses the environment variable configuration provider ([AddEnvironmentVariables(IConfigurationBuilder, String)](/dotnet/api/microsoft.extensions.configuration.environmentvariablesextensions.addenvironmentvariables#Microsoft_Extensions_Configuration_EnvironmentVariablesExtensions_AddEnvironmentVariables_Microsoft_Extensions_Configuration_IConfigurationBuilder_System_String_)) with a prefix of `ASPNETCORE_`. |
There was a problem hiding this comment.
Can we use the pattern from Hosting?
https://docs.microsoft.com/en-us/aspnet/core/fundamentals/host/web-host?view=aspnetcore-2.1#host-configuration-values
This is the same kind of config value, we only recommend providing it as an environment variable.
There was a problem hiding this comment.
The key seems to break with tradition ... I was expecting httpsPort.
It should be added over in the host configuration of Web Host, mentioned in the Enforcing HTTPS topic, and linked over.
Web Host
**Key**: https_port
**Type**: *string*
**Default**: 443
**Set using**: `UseSetting`
**Environment variable**: `ASPNETCORE_HTTPS_PORT````csharp
WebHost.CreateDefaultBuilder(args)
.UseSetting("https_port", "8080")
```
Generic Host
No bearing ... no web workloads (at this time).
|
@Tratcher Ok ... try it now. [EDIT]
Let me know if it should say that explicitly. |
There was a problem hiding this comment.
Can you also update the earlier line "Uses the default HttpsRedirectionOptions.HttpsPort (443)."? There was a last minute design change where the default was removed, the middleware only activates if a port is explicitly set via options or config, or discovered from the local server.
We were having trouble with sites redirecting to 443 when they didn't have that port configured yet.
|
|
||
| ### HTTPS Port | ||
|
|
||
| Set the HTTPS port. Used in [enforcing HTTPS](xref:security/enforcing-ssl). |
|
|
||
| **Key**: https_port | ||
| **Type**: *string* | ||
| **Default**: 443 |
aspnetcore/security/enforcing-ssl.md
Outdated
| * [HttpsRedirectionOptions.HttpsPort](/dotnet/api/microsoft.aspnetcore.httpspolicy.httpsredirectionoptions.httpsport). See the preceding example that shows how to set the port to 5001. | ||
| **Key**: https_port | ||
| **Type**: *string* | ||
| **Default**: 443 |
Fixes #7659
More to come on remarks about env vars across the repo when I get to the Configuration coverage issue (#7102).
I think we're going to have to go in this direction wherever we mention env vars explicitly because we probably won't be able to rely on prior knowledge when they're mentioned outside of config/hosting. I'll analyze the situation further later this week or early next week. For now, this will fix this one spot.