myrtille icon indicating copy to clipboard operation
myrtille copied to clipboard

Published 20 hours ago verified publisher icon cedrozor

SSL connection for the REST API

Open marcusfrenkel opened this issue 4 years ago • 3 comments

Is it possible to use SSL connection when connecting to the REST API?

Searching the docs, I could only find it possible to connect to the default admin port 8008, which does not support SSL.

I'm using version v2.9.2.

marcusfrenkel avatar May 25 '21 09:05 marcusfrenkel

If the connection is local to local, there is no real need for a secure connection; but if you need it, there you go : https://stackoverflow.com/questions/49091730/create-ssl-endpoint-on-port-443-for-self-hosted-owin-listener

You can even have the API listen on different ports:

var startOptions = new StartOptions();
startOptions.Urls.Add("http://+:80");
startOptions.Urls.Add("https://+:443");
webServer = WebApp.Start<MyMockClass>(startOptions);

But there is already IIS (and the Myrtille web application) which is listening on ports 80 and 443, so you need to use another ports. If you only want a secure connection, you have to modify the code at https://github.com/cedrozor/myrtille/blob/master/Myrtille.Admin.Services/MyrtilleApiHost.cs#L33:

var url = "http://*:" + Settings.Default.WebApiPort + "/MyrtilleAdmin/";
Console.WriteLine($"{DateTime.UtcNow} - Starting Myrtille Admin API at url: " + url);

try
{
	_selfHostObject = WebApp.Start<Startup>(url);
}
catch (Exception ex)
{
	_selfHostObject?.Dispose();
	Console.WriteLine($"{DateTime.UtcNow} - Failed to start Myrtille Admin API with error {ex}");
}

replace with

var startOptions = new StartOptions();
startOptions.Urls.Add("https://*:" + Settings.Default.WebApiPort);

try
{
	_selfHostObject = WebApp.Start<Startup>(startOptions);
}
catch (Exception ex)
{
	_selfHostObject?.Dispose();
	Console.WriteLine($"{DateTime.UtcNow} - Failed to start Myrtille Admin API with error {ex}");
}

into App.config at https://github.com/cedrozor/myrtille/blob/master/Myrtille.Admin.Services/App.config#L29, set a secure port (other than 443, used by IIS):

<applicationSettings>
<Myrtille.Admin.Services.Properties.Settings>
  <setting name="WebApiPort" serializeAs="String">
	<value>4430</value>
  </setting>
</Myrtille.Admin.Services.Properties.Settings>
</applicationSettings>

Then you need to bind an SSL certificate to the port 4430: https://chavli.com/how-to-configure-owin-self-hosted-website-with-ssl/

cedrozor avatar May 25 '21 12:05 cedrozor

I need non-local access, an external web panel makes the API calls over public net. There is no need of using the standard 80/443 ports.

Your solution seems pretty smooth, unfortunately I don't have the knowledge to compile this kind of language/project.

If by any chance possible for a next version, please modify the code to use StartOptions and add an option to configure the entire api URL (whether http or https) from Web.config. I believe it will be useful to many.

Thanks!

marcusfrenkel avatar May 26 '21 11:05 marcusfrenkel

I will make sure to do so. Thank you for your contribution!

cedrozor avatar May 30 '21 11:05 cedrozor