Set Up HTTPS

LubeLogger runs on Kestrel, which is a cross-platform standalone web server provided by .NET

If you're running LubeLogger behind a reverse proxy(i.e. NGINX), then this walkthrough does not apply to you since the SSL certs will be served up by NGINX instead of Kestrel.

This article covers the step-by-step process to set up HTTPS for a LubeLogger instance.

Docker

If you're running LubeLogger on a Docker instance, first read this article by Microsoft

  1. Convert the .PEM / .CRT files into .PFX, read this StackOverflow post
  2. Open and modify the .env file and add the following lines(note that in this example I used bob as the password for the cert)
Note

You can use the LubeLogger Configurator for this step

ASPNETCORE_Kestrel__Certificates__Default__Password=bob
ASPNETCORE_Kestrel__Certificates__Default__Path=/https/<yourPFXCertificateName>.pfx
ASPNETCORE_URLS=https://+:443;http://+:80
  1. Open and modify docker-compose.yml. You will need to bind a new volume to the Docker container so that Kestrel can access the certificate file, additionally check the port bindings to ensure that traffic is being forwarded to port 443
volumes:
      - ~/https/:/https:ro
  1. Run docker-compose up -d to start up the container and https://localhost will now have a valid cert.

Windows

If you're running LubeLogger as the standalone Windows executable, first read this article by Microsoft

  1. Convert the .PEM / .CRT files into .PFX, read this StackOverflow post
  2. Open and modify appsettings.json located in the same directory as the CarCareTracker executable and add the following lines(note that in this example I used bob as the password for the cert)
Note

You can use the LubeLogger Configurator for this step

"Kestrel": {
    "Endpoints": {
      "Http": {
        "Url": "http://localhost:80"
      },
      "HttpsInlineCertFile": {
        "Url": "https://localhost:443",
        "Certificate": {
          "Path": "<path to .pfx file>",
          "Password": "bob"
        }
      }
}
  1. Restart the app and https://localhost will now have a valid cert.
On this page
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9