What is the proper way to ensure SSL in Asp.Net 5

Question

I am building a new ASP.NET 5 website with MVC/Web Api, and hosting this on an Azure Website. I currently am running with beta 8.

My problems came when I built a controller with a POST method. Whenever I would deploy to my Azure Website calling the POST always results in a 502 Bad Gateway Error. "The CGI Application encountered an error and the server terminated the process". This same method works locally.

After a troubleshooting the issues I traced the problem down to a piece of Middleware I wrote that essentially sends a 302 Redirect whenever the request comes in on HTTP. The 302 sends the requests to the same host/path/query only on HTTPS.

When I remove this middleware the POST Works. Obviously this is causing the issue, but I have 2 questions.

1. Why would redirecting to HTTPS cause a failure to execute the POST
2. What is the proper way to ensure that requests come in over HTTPS.

My Middleware code:

if(!context.Request.IsHttps){
    var withHttps = "https://" + context.Request.Host + context.Request.Path;
    if(context.Request.QueryString.HasValue){
      withHttps += context.Request.QueryString.Value;
    }
    context.Response.Redirect(withHttps);
}
else{
    if(m_Next != null)
       await m_Next(context);
}

Answer 1

The problem is redirecting changes your POST HTTP command to GET command.

You have two choices:

• Change your controller action to accept GET command;
• Change your middle ware and have it to POST instead of redirecting;

Just found this on SO, it has information that might help you: