I'm looking for how enforce https in my web api server using IIS hosting.
My project has a vuejs client web in wwwroot and .NET Core web api.
Web api can use IIS or Kestrel.
With kestrel and correct config, when I execute exe file of server I have this :
Server listen on port 64444 on https.
But if I use IIS, when I browse the site and IIS launch exe file, I have this :
The site on IIS is correctly configured, with unmanaged code app pool and a binding on https with port 64443. When I browse the site to url https://localhost:64443, the site works correctly but I can see clear traffic with wireshark between IIS and web api server.
I try to add "https_port" in appsettings.json but it doesn't work.
Host config :
UseHttpsRedirection is configure on app.
Thank you for your help
I found where was the problem, the hosting model was set on "OutOfProcess", in order to use Kestrel behind IIS, but in this hosting model, communication between IIS and kestrel always use HTTP even if Kestrel was set tu use HTTPS : "The module doesn't support HTTPS forwarding. Requests are forwarded over HTTP even if received by IIS over HTTPS" (learn.microsoft.com/en-us/aspnet/core/host-and-deploy/iis/…)