1

From the project properties we could do it as follows for IIS Express enter image description here

but I am using the console for a IdentityServer4 Identity provider host. enter image description here so I must configure it from Program.cs or Startup.cs since I have no such options on project properties when using console. enter image description here

Camilo Terevinto
  • 31,141
  • 6
  • 88
  • 120
alhpe
  • 1,424
  • 18
  • 24
  • 1
    AFAIK: Windows authentication is provided **by** IIS. You remove IIS you remove Windows Authentication. Kestrel is not intended to be hosted without a reverse proxy like IIS or nginx – Camilo Terevinto Apr 17 '18 at 13:52
  • Yes. I had read documentation about Kestrel vs HTTP.sys and I had found very useful that answer: https://stackoverflow.com/questions/46621788/how-to-use-https-ssl-with-kestrel-in-asp-net-core-2-x – alhpe Apr 19 '18 at 16:49
  • I hope you read the "IMPORTANT NOTE" over and over again. While your scenario is supported, it's a very bad idea – Camilo Terevinto Apr 19 '18 at 16:52

2 Answers2

1

IIS and Windows authentication is not applicable when you host your service with the console app. I am using the below code enable HTTPS for my identity server

public static IWebHost BuildWebHost(string[] args) =>
            WebHost.CreateDefaultBuilder(args)
                .UseKestrel(options => 
                {
                    options.Listen(IPAddress.Any,44333, listenOptions =>
                    {
                      listenOptions.UseHttps("Path to SSL certificate","SSL Cert Password");
                        }

                    });
                })
                .UseStartup<Startup>()
                .Build();
Thangadurai
  • 2,573
  • 26
  • 32
1

I see you are using .NET Core.

.NET Core is hosted in Kestrel instead of the normal IIS and does not support windows authentication. Although you can use HTTP.sys which is a web server implementation in .NET Core and does support windows authentication.

The below code configures the app's web host to use HTTP.sys with Windows authentication.

public class Program
{
    public static void Main(string[] args) => 
        BuildWebHost(args).Run();

    public static IWebHost BuildWebHost(string[] args) =>
        WebHost.CreateDefaultBuilder(args)
            .UseStartup<Startup>()
            .UseHttpSys(options =>
            {
                options.Authentication.Schemes = 
                    AuthenticationSchemes.NTLM | AuthenticationSchemes.Negotiate;
                options.Authentication.AllowAnonymous = false;
            })
            .Build();
}

the article explaining this code is here

Ebbelink
  • 574
  • 3
  • 16
  • ".NET Core is hosted in Kestrel instead of the normal IIS and does not support windows authentication" this is completely wrong. Kestrel supports IIS and it's the default integration in new projects – Camilo Terevinto Apr 19 '18 at 16:50
  • Since HTTP.sys only works on windows and I will porting to docker the application behind a web server proxy. I will continue using Kestrel. Thanks anyway for your reply – alhpe Apr 19 '18 at 16:51
  • @Camilo Terevinto please check here for more information on Kestrel: [Kestrel web server](https://learn.microsoft.com/en-us/aspnet/core/fundamentals/servers/kestrel?view=aspnetcore-2.1&tabs=aspnetcore2x). > Kestrel is a cross-platform web server for ASP.NET Core based on libuv, a cross-platform asynchronous I/O library. Kestrel is the web server that's included by default in ASP.NET Core project templates. Kestrel is the web server .NET Core is hosted in. IIS is one of many possiblities to use as a reverse proxy to get the traffic to the Kestrel web server. -edit for user tagging – Ebbelink Apr 20 '18 at 11:11