Blogs

Use Lets Encrypt SSL with AuctionWorx

by: Shailesh Patel in: General tags: AuctionWorxs,

Introduction

While developing ASP.NET or ASP.NET MVC Web or WebAPI applications, we use IIS self-signed certificate to test sites locally or on test servers with HTTPS enabled. Such HTTPS websites throw a warning message when they are accessed first time from any browser. If you are using WebAPI with HTTPS and trying to access those APIs from Ionic or iOS mobile applications, then it will not work. This article focuses on configuration of Let’s Encrypt SSL Certificate with AuctionWorx web application.

What is Let's Encrypt?

Let's Encrypt is a free, automated, and open Certificate Authority.

"To enable HTTPS on your website, you need to get a certificate (a type of file) from a Certificate Authority (CA). Let’s Encrypt is a CA. In order to get a certificate for your website’s domain from Let’s Encrypt, you have to demonstrate control over the domain. With Let’s Encrypt, you do this using software that uses the ACME protocol, which typically runs on your web host."

Read more about Let’s Encrypt from their FAQ or Get Started or How It Works links.

Let's Encrypt

1. Download letsencrypt-win-simple from GitHub and extract it on your server.

2. Run “letsencrypt.exe” and follow instructions or enter following command:

letsencrypt.exe --accepttos --manualhost your_website.com 
--webroot C:\inetpub\wwwroot\your_website_folder

 

It will add a new certificate under IIS > Server Certificates.

img1
Figure 1: IIS > Server Certificates

Copy files into root of your website under following folder ...your_website_folder\.well-known\acme-challenge

3. Now add following NuGet packages into RainWorx.FrameWorx.MVC project.

<?xml version="1.0" encoding="utf-8" ?>
<packages>
    <package id="Microsoft.Owin" version="2.1.0" targetFramework="net452" />
    <package id="Microsoft.Owin.FileSystems" version="3.1.0" targetFramework="net452" />
    <package id="Microsoft.Owin.StaticFiles" version="2.1.0" targetFramework="net452" />
    <package id="Owin" version="1.0" targetFramework="net452" />
</packages>

 

4. Add following line into Startup.cs file.

    
using Microsoft.Owin.FileSystems;


public class Startup
{
    public void Configuration(IAppBuilder app)
    {
        app.Map("/.well-known", letsEncrypt =>
        {
            letsEncrypt.Use((context, next) =>
            {
                IFileInfo file;
                var fileSystem = new PhysicalFileSystem(@".\.well-known");
                if (!fileSystem.TryGetFileInfo(context.Request.Path.Value, out file))
                {
                    return next();
                }
                return context.Response.SendFileAsync(file.PhysicalPath);
            });
        });
        GlobalHost.DependencyResolver.UseSqlServer(ConfigurationManager.ConnectionStrings["db_connection"].ConnectionString);
        app.MapSignalR();
    }
}

 

5. After adding above code publish a new build and access https://your_website.com and it will show a valid certificate.

About the Author

This post is written by Shailesh Patel on 25-Apr-2017
All categories
Tags