-
Notifications
You must be signed in to change notification settings - Fork 527
Kestrel doesn't log now listening on correctly for https #1296
Comments
@natemcmaster please ping @halter73 before you start looking into this. |
Related work: |
Problem is if you do .UseKestrel(options =>
{
options.Listen(IPAddress.Loopback, 5001, listenOptions =>
{
listenOptions.UseHttps("testCert.pfx", "testPassword");
listenOptions.UseConnectionLogging();
});
}) You still see this in the console:
|
I've already forgotten what we decided to do here. Was there going to be a new field on |
None of the design changes we discussed affect this issue, nor does #1519.
Should result in IServerAddressesFeature values being replaced with "https://127.0.0.1:5001/". |
Took a look at this again. Here are two options The simple one The make-an-abstraction one public interface IServerAddressProvider
{
// DisplayName = trying to communicate that the value is only used in console output or loggers
string GetServerAddressDisplayName();
}
cc @davidfowl |
For the first option, |
Second option is more flexible though. Someone could implement a Gopher adapter and set the scheme accordingly 😁 Doubt that would work 😛 |
Wait I forgot I had a design for this and it look nothing like the above. The idea was for connection filters to have a communication mechanism with kestrel for both scheme and protocol. When filters run and set the scheme and protocol (http, http2 when we do it). |
Attributes? // IHazAdapter = bag of properties about an an adapter
[IHazAdapter(Scheme = HttpScheme.Https)]
public class HttpsConnectionAdapter : IConnectionAdapter {}
[IHazAdapter(Scheme = HttpScheme.Https, Protocol = Protocols.Http2)]
public class TlsHttp2ConnectionAdapter : IConnectionAdapter {}
[IHazAdapter(Protocol = Protocols.Http2)]
public class RawHttp2ConnectionAdapter : IConnectionAdapter {}
// no attribute b/c this provides neither scheme or protocol
public class LoggingConnectionAdapater : IConnectionAdapter {} Or, an attribute per aspect: [HttpScheme(HttpScheme.Https)]
public class HttpsConnectionAdapter : IConnectionAdapter {}
[HttpScheme(HttpScheme.Https)]
[HttpProtocol(HttpProtocol.Http2)]
public class TlsHttp2ConnectionAdapter : IConnectionAdapter {}
[HttpProtcol(HttpProtocol.Http2)]
public class RawHttp2ConnectionAdapter : IConnectionAdapter {} |
A TLS connection can negotiate to use HTTP/1.1 or HTTP/2 via ALPN, it's not static. |
No, not attributes. It needs to be programmatic. As @Tratcher eludes to. It's state that set during the execution of the connection filter that the |
@davidfowl Ok, well instead of making more blind guesses at what you are thinking, can you share your design? |
I think there was a scheme and protocol setting because http1.1 can be over tcp or tls. Also there might be webrtc etc which can all be set by the tls layer. Definitely don't make it internal cause then we are "stuck" with SSLStream or what ever and I can't hack in kerb, ntlm, tls1.3 and all the cool stuff. (Well I can but it will involve even more hacking : ) |
I configured the basic middleware RewriteSample with
When I run the sample I see the output:
the https url should be
https://127.0.0.1:5001
The text was updated successfully, but these errors were encountered: