✨ Load certificate to use HTTPs

2025-07-20 16:51:47 +08:00
parent f499e7d31a
commit 4557631153
7 changed files with 31 additions and 44 deletions
--- a/DysonNetwork.Drive/Program.cs
+++ b/DysonNetwork.Drive/Program.cs
@@ -9,7 +9,7 @@ using tusdotnet.Stores;
 var builder = WebApplication.CreateBuilder(args);
 // Configure Kestrel and server options
-builder.ConfigureAppKestrel();
+builder.ConfigureAppKestrel(builder.Configuration);
 // Add application services
 builder.Services.AddRegistryService(builder.Configuration);
--- a/DysonNetwork.Pass/Program.cs
+++ b/DysonNetwork.Pass/Program.cs
@@ -9,7 +9,7 @@ using Microsoft.EntityFrameworkCore;
 var builder = WebApplication.CreateBuilder(args);
 // Configure Kestrel and server options
-builder.ConfigureAppKestrel();
+builder.ConfigureAppKestrel(builder.Configuration);
 // Add metrics and telemetry
 builder.Services.AddAppMetrics();
--- a/DysonNetwork.Pusher/Program.cs
+++ b/DysonNetwork.Pusher/Program.cs
@@ -1,13 +1,14 @@
 using DysonNetwork.Pusher;
 using DysonNetwork.Pusher.Startup;
 using DysonNetwork.Shared.Auth;
 using DysonNetwork.Shared.Http;
 using DysonNetwork.Shared.Registry;
 using Microsoft.EntityFrameworkCore;
 var builder = WebApplication.CreateBuilder(args);
 // Configure Kestrel and server options
-builder.ConfigureAppKestrel();
+builder.ConfigureAppKestrel(builder.Configuration);
 // Add application services
 builder.Services.AddRegistryService(builder.Configuration);
--- a/DysonNetwork.Pusher/Startup/KestrelConfiguration.cs
+++ b/DysonNetwork.Pusher/Startup/KestrelConfiguration.cs
@@ -1,17 +0,0 @@
 namespace DysonNetwork.Pusher.Startup;
 public static class KestrelConfiguration
 {
    public static WebApplicationBuilder ConfigureAppKestrel(this WebApplicationBuilder builder)
    {
        builder.Host.UseContentRoot(Directory.GetCurrentDirectory());
        builder.WebHost.ConfigureKestrel(options =>
        {
            options.Limits.MaxRequestBodySize = 50 * 1024 * 1024;
            options.Limits.KeepAliveTimeout = TimeSpan.FromMinutes(2);
            options.Limits.RequestHeadersTimeout = TimeSpan.FromSeconds(30);
        });
        return builder;
    }
 }
--- a/DysonNetwork.Shared/Http/KestrelConfiguration.cs
+++ b/DysonNetwork.Shared/Http/KestrelConfiguration.cs
@@ -1,13 +1,16 @@
 using System.Security.Cryptography;
 using System.Security.Cryptography.X509Certificates;
 using Microsoft.AspNetCore.Builder;
 using Microsoft.AspNetCore.Hosting;
 using Microsoft.AspNetCore.Server.Kestrel.Core;
 using Microsoft.Extensions.Configuration;
 using Microsoft.Extensions.Hosting;
 namespace DysonNetwork.Shared.Http;
 public static class KestrelConfiguration
 {
-    public static WebApplicationBuilder ConfigureAppKestrel(this WebApplicationBuilder builder)
+    public static WebApplicationBuilder ConfigureAppKestrel(this WebApplicationBuilder builder, IConfiguration configuration)
    {
        builder.Host.UseContentRoot(Directory.GetCurrentDirectory());
        builder.WebHost.ConfigureKestrel(options =>
@@ -15,10 +18,26 @@ public static class KestrelConfiguration
            options.Limits.MaxRequestBodySize = 50 * 1024 * 1024;
            options.Limits.KeepAliveTimeout = TimeSpan.FromMinutes(2);
            options.Limits.RequestHeadersTimeout = TimeSpan.FromSeconds(30);
-            options.ConfigureEndpointDefaults(endpoints =>
+            
            var certPath = configuration["Service:ClientCert"]!;
            var keyPath = configuration["Service:ClientKey"]!;
            // Load PEM cert and key manually
            var certificate = X509Certificate2.CreateFromPemFile(certPath, keyPath);
            // You MUST call this to make sure the key is usable
            certificate = certificate.CopyWithPrivateKey(
                RSA.Create()
            );
            // Now pass the full cert
            options.ListenAnyIP(5001, listenOptions =>
            {
-                endpoints.Protocols = HttpProtocols.Http1AndHttp2;
+                listenOptions.UseHttps(certificate);
            });
            // Optional: HTTP fallback
            options.ListenAnyIP(8080);
        });
        return builder;
--- a/DysonNetwork.Sphere/Program.cs
+++ b/DysonNetwork.Sphere/Program.cs
@@ -1,4 +1,5 @@
 using DysonNetwork.Shared.Auth;
 using DysonNetwork.Shared.Http;
 using DysonNetwork.Shared.Registry;
 using DysonNetwork.Sphere;
 using DysonNetwork.Sphere.Startup;
@@ -7,7 +8,7 @@ using Microsoft.EntityFrameworkCore;
 var builder = WebApplication.CreateBuilder(args);
 // Configure Kestrel and server options
-builder.ConfigureAppKestrel();
+builder.ConfigureAppKestrel(builder.Configuration);
 // Add metrics and telemetry
 builder.Services.AddAppMetrics();
--- a/DysonNetwork.Sphere/Startup/KestrelConfiguration.cs
+++ b/DysonNetwork.Sphere/Startup/KestrelConfiguration.cs
@@ -1,17 +0,0 @@
 namespace DysonNetwork.Sphere.Startup;
 public static class KestrelConfiguration
 {
    public static WebApplicationBuilder ConfigureAppKestrel(this WebApplicationBuilder builder)
    {
        builder.Host.UseContentRoot(Directory.GetCurrentDirectory());
        builder.WebHost.ConfigureKestrel(options =>
        {
            options.Limits.MaxRequestBodySize = 50 * 1024 * 1024;
            options.Limits.KeepAliveTimeout = TimeSpan.FromMinutes(2);
            options.Limits.RequestHeadersTimeout = TimeSpan.FromSeconds(30);
        });
        return builder;
    }
 }