Copied to clipboard

Flag this post as spam?

This post will be reported to the moderators as potential spam to be looked at


  • Carlos Casalicchio 176 posts 735 karma points
    Apr 16, 2023 @ 00:48
    Carlos Casalicchio
    1

    Umbraco v11 in Linux = Kestrel + Nginx Reverse Proxy + Https

    Has anyone been able to get Umbraco v11 to work with https in the backoffice, using the appsettings.json useHttps = true?

          {
        "$schema": "appsettings-schema.json",
        "Serilog": {
          "MinimumLevel": {
            "Default": "Information"
          },
          "WriteTo": [
            {
              "Name": "Async",
              "Args": {
                "configure": [
                  {
                    "Name": "Console"
                  }
                ]
              }
            }
          ]
        },
        "https_port": 5001,
        "Kestrel": {
          "Endpoints": {
            "Http": {
              "Url": "http://localhost:5000"
            },
            "HttpsInlineCertFile": {
              "Url": "https://localhost:5001",
              "Certificate": {
                "Path": "/www/server/panel/vhost/ssl/site.com/cert.pfx",
                "Password": "xxxxxxxxx"
              }
            }
          }
        }
        "AllowedHosts": "*",
        "Umbraco": {
          "CMS": {
            "Global": {
              "UseHttps": true,
             ... 
              }
            }
          }
        }
      }
    

    I got the site to open, but the backoffice doesn't

    enter image description here

    I couldn't find much to go on, on the internet.

  • Carlos Casalicchio 176 posts 735 karma points
    Aug 02, 2023 @ 00:30
    Carlos Casalicchio
    100

    I have figured out how to make it work.

    Important things to keep in mind:

    • Path to SSL certificate must be authorized to the www user
    • Configuration must be correct in appSettings.Production.json

    To avoid further errors, I've copied the SSL files to another folder

    • Ran the command sudo cp /www/server/panel/vhost/cert/site.com/* /www/cert/splatdev.com
    • Ran the command sudo chown www:www -R /www/cert/site.com/*
    • Restarted the umbraco (kestrel) service

    Here's an example of working appSettings file:

        {
          "$schema": "appsettings-schema.json",
          "Serilog": {
            "MinimumLevel": {
              "Default": "Information"
            },
            "WriteTo": [
              {
                "Name": "Async",
                "Args": {
                  "configure": [
                    {
                      "Name": "Console"
                    }
                  ]
                }
              }
            ]
          },
          "https_port": 5001,
          "AllowedHosts": "*",
          "Umbraco": {
            "CMS": {
              "WebRouting": {
                "UmbracoApplicationUrl": "https://www.site.com"
              },
              "MacroErrors": "Silent",
              "ModelsBuilder": {
                "ModelsMode": "Nothing",
                "DebugLevel": 0
              },
              "Global": {
                "UseHttps": true,
                "Smtp": {
                  "From": "[email protected]",
                  "Host": "smtp.server.org",
                  "Port": 587,
                  "Username": "[email protected]",
                  "Password": "xxxx"
                }
              },
              "Content": {
                "Notifications": {
                  "Email": "[email protected]"
                },
                "Error404Collection": [
                  {
                    "Culture": "default",
                    "ContentKey": "5f7d140d-871d-4133-bc89-b899c69685f0"
                  }
                ]
              },
              "Hosting": {
                "Debug": false
              },
              "RuntimeMinification": {
                "UseInMemoryCache": true,
                "CacheBuster": "Version",
                "Version": "112233"
              }
            }
          },
          "ConnectionStrings": {
            "umbracoDbDSN": "Server=localhost;Database=Site.Umbraco.Cms;user id=uuser;password=xxxx",
            "umbracoDbDSN_ProviderName": "Microsoft.Data.SqlClient"
          },
      //to use with mailkit
          "MailSettings": {
            "From": "[email protected]",
            "Server": "smtp.server.org",
            "Port": 587,
            "SenderName": "Webmaster",
            "SenderEmail": "[email protected]",
            "UserName": "[email protected]",
            "Password": "xxxx",
            "AdminEmail": "[email protected]"
          },
          "Kestrel": {
            "Endpoints": {
              "Http": {
                "Url": "http://localhost:5000"
              },
              "HttpsInlineCertFile": {
                "Url": "https://localhost:5001",
                "Certificate": {
                  "Path": "/www/cert/site.com/fullchain.pem",
                  "KeyPath": "/www/cert/site.com/privkey.pem"
                }
              }
            }
          }
        }
    

    Also, I am using Cloudflare, so I had to add a custom rule to disable X-XSS-Protection

    Cloudflare Rules

    And then, point the reverse proxy rule to port 5001 Reverse proxy

    Now, I got the health checklist to go all green Checklist

Please Sign in or register to post replies

Write your reply to:

Draft