Doc/UpgradeLog/Sers2.1.txt

@@ -158,3 +158,5 @@ Serslot
 
 --------------------------------------
 
+[2021-09-23]
+  [Vit.WebHost]Ö§³Öhttps

dotnet/Gateway/App.Gateway/appsettings.json

@@ -84,6 +84,14 @@
         /* url,可多个 */
         "urls": [ "http://*:4582" ],
 
+        /* https证书配置，可不指定。若urls中指定了https协议，请在此指定对应的https证书 */
+        "//certificates": [
+          {
+            "filePath": "data/serset-com-iis-0923120142.pfx",
+            "password": "password"
+          }
+        ],
+
         /* 是否允许跨域访问，默认true */
         "allowAnyOrigin": true,
 

dotnet/Library/Sers/Sers.Gateway/Sers.Gateway/GatewayHelp.cs

@@ -47,7 +47,7 @@ namespace Sers.Gateway
             #region (x.3)初始化WebHost
 
             //(x.x.1)指定可以与iis集成（默认无法与iis集成）
-            arg.OnCreateWebHostBuilder = () => Microsoft.AspNetCore.WebHost.CreateDefaultBuilder().UseVitConfig();
+            arg.OnCreateWebHostBuilder = () => Microsoft.AspNetCore.WebHost.CreateDefaultBuilder().UseVitConfig().UseCertificates(arg.certificates);
 
 
             #region (x.x.2)转发web请求到Sers(网关核心功能)

dotnet/Library/Vit/Vit.WebHost/Extensions/UseCertificates/CertificateInfo.cs

@@ -0,0 +1,19 @@
+using Newtonsoft.Json;
+
+
+namespace Vit.WebHost.Extensions.UseCertificates
+{
+    #region CertificateInfo
+    [JsonObject(MemberSerialization.OptIn)]
+    public class CertificateInfo
+    {
+      
+        [JsonProperty]
+        public string filePath { get; set; }
+
+        [JsonProperty]
+        public string password { get; set; }
+
+    }
+    #endregion
+}

dotnet/Library/Vit/Vit.WebHost/Extensions/UseCertificates/IServiceCollectionExtensions_UseCertificates.cs

@@ -2,6 +2,7 @@
 using System.Collections.Generic;
 using System.Security.Cryptography.X509Certificates;
 using Vit.Core.Util.Common;
+using Vit.WebHost.Extensions.UseCertificates;
 
 namespace Vit.Extensions
 {
@@ -32,8 +33,24 @@ namespace Vit.Extensions
         /// <returns></returns>
         public static IServiceCollection UseCertificates(this IServiceCollection data, string configPath = "server.certificates")
         {
+            var configs = Vit.Core.Util.ConfigurationManager.ConfigurationManager.Instance.GetByPath<CertificateInfo[]>(configPath);
+            return data.UseCertificates(configs);
+        }
+
+
+
+
+        /// <summary>
+        /// 加载https证书
+        /// </summary>
+        /// <param name="data"></param>
+        /// <param name="certificates">证书配置</param>
+        /// <returns></returns>
+        public static IServiceCollection UseCertificates(this IServiceCollection data, CertificateInfo[] certificates)
+        {
+            if (certificates == null || certificates.Length == 0) return data;
 
-            //var certificate = new X509Certificate2(@"L:\Code\AliSvn\Lith\ssl证书\sersit-com-iis-0923120142.pfx", "Admin0123");
+            //var certificate = new X509Certificate2(@"L:\Code\sersit-com-iis-0923120142.pfx", "password");
             ////var dnsName = certificate.GetNameInfo(X509NameType.SimpleName, false);
             //var dnsName = certificate.GetNameInfo(X509NameType.DnsName, false);
 
@@ -41,10 +58,9 @@ namespace Vit.Extensions
             //(x.1)构建证书字典
             X509Certificate2 defaultCert = null;
             Dictionary<string, X509Certificate2> certMap = new Dictionary<string, X509Certificate2>();
-            foreach (var item in Vit.Core.Util.ConfigurationManager.ConfigurationManager.Instance.GetByPath<Newtonsoft.Json.Linq.JArray>(configPath)
-                ?? new Newtonsoft.Json.Linq.JArray())
+            foreach (var config in certificates)
             {
-                var certificate = new X509Certificate2(CommonHelp.GetAbsPath(item["filePath"].ToString()), item["password"].ToString());
+                var certificate = new X509Certificate2(CommonHelp.GetAbsPath(config.filePath), config.password);
                 var dnsName = certificate.GetNameInfo(X509NameType.DnsName, false);
                 certMap[dnsName] = certificate;
 

dotnet/Library/Vit/Vit.WebHost/Extensions/UseCertificates/IWebHostBuilderExtensions_UseCertificates.cs

@@ -1,5 +1,7 @@
 using Microsoft.AspNetCore.Hosting;
 
+using Vit.WebHost.Extensions.UseCertificates;
+
 namespace Vit.Extensions
 {
     public static partial class IWebHostBuilderExtensions_UseCertificates
@@ -32,5 +34,18 @@ namespace Vit.Extensions
             data?.ConfigureServices(services=> services.UseCertificates(configPath)); 
             return data;
         }
+
+
+        /// <summary>
+        /// 加载https证书 
+        /// </summary>
+        /// <param name="data"></param>
+        /// <param name="certificates">证书配置</param>
+        /// <returns></returns>
+        public static IWebHostBuilder UseCertificates(this IWebHostBuilder data, CertificateInfo[] certificates)
+        {
+            data?.ConfigureServices(services => services.UseCertificates(certificates));
+            return data;
+        }
     }
 }

dotnet/Library/Vit/Vit.WebHost/HostRunArg.cs

@@ -4,6 +4,8 @@ using Microsoft.AspNetCore.Hosting;
 using Microsoft.Extensions.DependencyInjection;
 using Newtonsoft.Json;
 
+using Vit.WebHost.Extensions.UseCertificates;
+
 namespace Vit.WebHost
 {
     [JsonObject(MemberSerialization.OptIn)]
@@ -18,6 +20,13 @@ namespace Vit.WebHost
         [JsonProperty]
         public string[] urls;
 
+
+        /// <summary>
+        /// 
+        /// </summary>       
+        [JsonProperty]
+        public CertificateInfo[] certificates;
+
         /// <summary>
         /// 是否允许跨域访问，默认true
         /// </summary>       

dotnet/ServiceCenter/App.Gover.Gateway/appsettings.json

@@ -84,6 +84,14 @@
         /* url,可多个 */
         "urls": [ "http://*:4581" ],
 
+        /* https证书配置，可不指定。若urls中指定了https协议，请在此指定对应的https证书 */
+        "//certificates": [
+          {
+            "filePath": "data/serset-com-iis-0923120142.pfx",
+            "password": "password"
+          }
+        ],
+
         /* 是否允许跨域访问，默认true */
         "allowAnyOrigin": true,
 

dotnet/ServiceCenter/App.ServiceCenter/appsettings.json

@@ -474,6 +474,14 @@
         /* url,可多个 */
         "urls": [ "http://*:4580" ],
 
+        /* https证书配置，可不指定。若urls中指定了https协议，请在此指定对应的https证书 */
+        "//certificates": [
+          {
+            "filePath": "data/serset-com-iis-0923120142.pfx",
+            "password": "password"
+          }
+        ],
+
         /* 是否允许跨域访问，默认true */
         "allowAnyOrigin": true,