无法在 Azure 应用服务上启动 Kestrel 抛出无法配置 HTTPS 端点异常

Question

我的应用程序部署到运行dotnet core 3.1.2的Azure 应用服务。（已安装扩展）

连接到 Kudo 控制台并运行时，dotnet Reporting.API.dll输出为：

dotnet Reporting.API.dll
[09:53:21 DBG] Hosting starting
[09:53:25 INF] Azure Web Sites environment detected. Using 'D:\home\ASP.NET\DataProtection-Keys' as key repository; keys will not be encrypted at rest.
[09:53:25 INF] Starting the processing server.
[09:53:25 DBG] Reading data from file 'D:\home\ASP.NET\DataProtection-Keys\key-9d61e53e-50f6-48c2-9fb1-76edd2ec884c.xml'.
[09:53:25 DBG] Reading data from file 'D:\home\ASP.NET\DataProtection-Keys\key-9f563cfe-7cea-4332-8010-c2e0c485ee39.xml'.
[09:53:25 DBG] Reading data from file 'D:\home\ASP.NET\DataProtection-Keys\key-a4632346-de3c-4726-b84d-067511ba48de.xml'.
[09:53:25 DBG] Reading data from file 'D:\home\ASP.NET\DataProtection-Keys\key-cbf59895-b970-4cbf-aad1-eb4387edb6ab.xml'.
[09:53:25 DBG] Reading data from file 'D:\home\ASP.NET\DataProtection-Keys\key-f5be7258-dbc8-4f36-8f3e-930073d353b2.xml'.
[09:53:25 DBG] Found key {9d61e53e-50f6-48c2-9fb1-76edd2ec884c}.
[09:53:25 DBG] Found key {9f563cfe-7cea-4332-8010-c2e0c485ee39}.
[09:53:25 DBG] Found key {a4632346-de3c-4726-b84d-067511ba48de}.
[09:53:25 DBG] Found key {cbf59895-b970-4cbf-aad1-eb4387edb6ab}.
[09:53:25 DBG] Found key {f5be7258-dbc8-4f36-8f3e-930073d353b2}.
[09:53:25 DBG] Considering key {a4632346-de3c-4726-b84d-067511ba48de} with expiration date 2020-05-26 16:44:50Z as default key.
[09:53:25 DBG] Opening CNG algorithm 'AES' from provider 'null' with chaining mode CBC.
Unhandled exception.[09:53:25 DBG] Opening CNG algorithm 'SHA256' from provider 'null' with HMAC.
[09:53:25 DBG] Using key {a4632346-de3c-4726-b84d-067511ba48de} as the default key.
[09:53:25 DBG] Key ring with default key {a4632346-de3c-4726-b84d-067511ba48de} was loaded during application startup.
[09:53:25 DBG] Failed to locate the development https certificate at 'null'.
[09:53:25 DBG] Unable to locate an appropriate development https certificate.
[09:53:25 FTL] Unable to start Kestrel.
System.InvalidOperationException: Unable to configure HTTPS endpoint. No server certificate was specified, and the default developer certificate could not be found or is out of date.
To generate a developer certificate run 'dotnet dev-certs https'. To trust the certificate (Windows and macOS only) run 'dotnet dev-certs https --trust'.
For more information on configuring HTTPS see https://go.microsoft.com/fwlink/?linkid=848054.
        at Microsoft.AspNetCore.Hosting.ListenOptionsHttpsExtensions.UseHttps(ListenOptions listenOptions, Action`1 configureOptions)
        at Microsoft.AspNetCore.Hosting.ListenOptionsHttpsExtensions.UseHttps(ListenOptions listenOptions)
        at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.AddressBinder.AddressesStrategy.BindAsync(AddressBindContext context)
        at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.AddressBinder.BindAsync(IServerAddressesFeature addresses, KestrelServerOptions serverOptions, ILogger logger, Func`2 createBinding)
        at Microsoft.AspNetCore.Server.Kestrel.Core.KestrelServer.StartAsync[TContext](IHttpApplication`1 application, CancellationToken cancellationToken)
[09:53:25 DBG] Hosting shutdown
[09:53:25 INF] Queued Hosted Service is stopping.
System.InvalidOperationException: Unable to configure HTTPS endpoint. No server certificate was specified, and the default developer certificate could not be found or is out of date.
To generate a developer certificate run 'dotnet dev-certs https'. To trust the certificate (Windows and macOS only) run 'dotnet dev-certs https --trust'.
For more information on configuring HTTPS see https://go.microsoft.com/fwlink/?linkid=848054.
        at Microsoft.AspNetCore.Hosting.ListenOptionsHttpsExtensions.UseHttps(ListenOptions listenOptions, Action`1 configureOptions)
        at Microsoft.AspNetCore.Hosting.ListenOptionsHttpsExtensions.UseHttps(ListenOptions listenOptions)
        at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.AddressBinder.AddressesStrategy.BindAsync(AddressBindContext context)
        at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.AddressBinder.BindAsync(IServerAddressesFeature addresses, KestrelServerOptions serverOptions, ILogger logger, Func`2 createBinding)
        at Microsoft.AspNetCore.Server.Kestrel.Core.KestrelServer.StartAsync[TContext](IHttpApplication`1 application, CancellationToken cancellationToken)
        at Microsoft.AspNetCore.Hosting.WebHost.StartAsync(CancellationToken cancellationToken)
        at Microsoft.AspNetCore.Hosting.WebHostExtensions.RunAsync(IWebHost host, CancellationToken token, String startupMessage)
        at Microsoft.AspNetCore.Hosting.WebHostExtensions.RunAsync(IWebHost host, CancellationToken token, String startupMessage)
        at Microsoft.AspNetCore.Hosting.WebHostExtensions.RunAsync(IWebHost host, CancellationToken token)
        at Microsoft.AspNetCore.Hosting.WebHostExtensions.Run(IWebHost host)
        at Reporting.API.Program.Main(String[] args) in C:\agent-02\_work\35\s\src\Reporting.API\Program.cs:line 19

我的Startup.cs非常标准：

public void Configure(IApplicationBuilder app)
{
    app.UseCors("CorsPolicy");

    app.UseRouting();

    app.UseAuthentication();

    app.UseAuthorization();

    app.UseMvc();
}

有任何想法吗？

更新app.UseHttpsRedirection();：我已从配置方法中删除。

出于澄清目的：仅 HTTPS设置为 true

Answer 1

您可以尝试配置 Kestrel 以使用您的证书：

//**Program.cs :**
static IHostBuilder CreateHostBuilder(string[] args) =>
    Host.CreateDefaultBuilder(args)
        .ConfigureWebHostDefaults(webHostBuilder =>
        {
            webHostBuilder.**UseKestrel**((builderContext, options) =>
            {
                options.Configure(builderContext.Configuration.**GetSection("Kestrel")**);
            });
        });

//**appsettings.json (or appsettings.development.json etc) :**    
"Kestrel": {
    "EndPoints": {
        "Http": {
            "Url": "http://yoursite.azurewebsites.net"
        },
      
        // Note: You most likely only need one of the following Https sections, thus only one is uncommented here...
        
        //"HttpsInlineCertFile": {
        //  "Url": "https://yoursite.azurewebsites.net:443",
        //  "Certificate": {
        //      "Subject": "YourCertName",
        //      "Store": "My", //"root",
        //      "Location": "LocalMachine", //"CurrentUser",
        //      "AllowInvalid": "True"
        //  }
        //}
        //"HttpsInlineCertStore": {
        //  "Url": "https://yoursite.azurewebsites.net:443",
        //  "Certificate": {
        //      "Subject": "YourCertName",
        //      "Store": "My", //"root",
        //      "Location": "LocalMachine", //"CurrentUser",
        //      "AllowInvalid": "True"
        //  }
        //}
        //"HttpsDefaultCert": {
        //  "Url": "https://yoursite.azurewebsites.net:443"
        //}
        "Https": {
            "Url": "https://*:443"
            "Certificate": {
            "Subject": "localhost",
            "Store": "My", //"root",
            "Location": "LocalMachine", //"CurrentUser",
            "AllowInvalid": "True"
            }
        }
    }
    // If using HttpsDefaultCert above, uncomment the following...
    //,
    //"Certificates": {
    //  "Default": {
    //    "Subject": "YourCertName",
    //    "Store": "My", //"root",
    //    "Location": "LocalMachine", //"CurrentUser",
    //    "AllowInvalid": true
    //  }
    //}
}