Asp.Net Core 2.0 HTTP -> HTTPS on Kestrel

Question

I am learning Web-Based Programming and currently chose to work on Asp.Net Core 2.0. I had successfully created a Web App with 2 layers of Controllers Home & API. The Home Controller interacts directly with my Views while the API controller is called using GetAsync, PostAsync, PutAsync, etc. from my Home controller. Recent I decided to move this app into HTTPS. Learned about self-signed certificates and had successfully gotten it to run except my API becomes inaccessible.

With SSL switched off, I could still call my API with Postman.

I used to call my API using this URI: http://localhost:5667/api/WebApi.

  var response = client.GetAsync(“SomeApi”)
    response.Wait();

Now I tried using URI: https://localhost:5667/api/WebApi but breaks at response.Wait().

Any advice, please. Thanks in advance

As requested: here’s a portion of my Startup.cs

services.AddMvc(
   options =>
   {
       options.SslPort=5667;
       options.Filters.Add(new RequireHttpsAttribute());
    }
 );

 services.AddAntiforgery(
  options => 
  {
        options.Cookie.Name=“_af”;
        options.Cookie.HttpOnly = true;
        options.Cookie.SecurePolicy=CookieSecurePolicy.Always;
        options.HeaderName=“X-XSRF-TOKEN”;
     }
   )

Answer 1

HTTP and HTTPS cannot be served over the same port. If your localhost HTTP endpoint is on 5667, then likely your HTTPS endpoint is on 5668 - though you can check the port number for yourself in the info that Kestrel will log on startup.

In production, HTTP is typically served over port 80, while HTTPS is served over port 443. These are the defaults if you don't specify otherwise.

Separately, you might want to consider enabling HTTPS redirection in your Configure block:

app.UseHttpsRedirection();