{"id":13065,"date":"2018-04-12T17:42:44","date_gmt":"2018-04-13T00:42:44","guid":{"rendered":"https:\/\/blogs.msdn.microsoft.com\/webdev\/?p=13065"},"modified":"2018-04-12T17:42:44","modified_gmt":"2018-04-13T00:42:44","slug":"asp-net-core-2-1-0-preview2-improvements-to-the-kestrel-http-server","status":"publish","type":"post","link":"https:\/\/devblogs.microsoft.com\/dotnet\/asp-net-core-2-1-0-preview2-improvements-to-the-kestrel-http-server\/","title":{"rendered":"ASP.NET Core 2.1.0-preview2: Improvements to the Kestrel HTTP server"},"content":{"rendered":"

Change default transport to Sockets<\/h2>\n

Building off the improvements to the managed sockets implementation in .NET Core we have changed the default transport in Kestrel from libuv to sockets. As a consequence, the\u00a0<\/span>Microsoft.AspNetCore.Server.Kestrel.Transport.Libuv<\/code>\u00a0<\/span>package is no longer part of the\u00a0<\/span>Microsoft.AspNetCore.App<\/code>\u00a0<\/span>metapackage.<\/p>\n

How to switch back to libuv<\/h3>\n

To continue using libuv as your transport, you will need to add reference to the libuv package and modify your application to use libuv as it’s transport. Alternatively, you can reference the\u00a0<\/span>Microsoft.AspNetCore.All<\/code>\u00a0<\/span>metapackage which includes a transitive dependency on the libuv package.<\/p>\n

\n
dotnet add package Microsoft.AspNetCore.Server.Kestrel.Transport.Libuv -v 2.1.0-preview2-final<\/pre>\n<\/div>\n
\n
public<\/span> static<\/span> IWebHostBuilder<\/span> CreateWebHostBuilder<\/span>(string<\/span>[] args<\/span>) =>\n    WebHost.CreateDefaultBuilder(args)\n        .UseLibuv()\n        .UseStartup<Startup>();<\/pre>\n<\/div>\n
SNI support<\/h2>\n
Server Name Indication (SNI) is extension to the TLS protocol that allows clients to send the desired hostname unencrypted as part of the TLS handshake. As a consequence, you can host multiple domains on the same IP\/Port and use the hostname to respond with the correct certificate. In 2.1.0-preview2, Kestrel has added a\u00a0<\/span>ServerCertificateSelector<\/code>\u00a0<\/span>callback which is invoked once per connection to allow you select the right certificate. If you specify a\u00a0<\/span>ServerCertificateSelector<\/code>, the selector will always take precedence over any specified server certificate.<\/p>\n
SNI support requires running on netcoreapp2.1. On netcoreapp2.0 and net461 the callback will be invoked but the name will always be null. The name will also be null if the client did not provide this optional parameter.<\/p>\n
\n
public<\/span> static<\/span> IWebHostBuilder<\/span> CreateWebHostBuilder<\/span>(string<\/span>[] args<\/span>) =>\n    WebHost.CreateDefaultBuilder(args)\n        .UseKestrel((context, options) =>\n        {\n            options.ListenAnyIP(5005<\/span>, listenOptions =>\n            {\n                listenOptions.UseHttps(httpsOptions =>\n                {\n                    var<\/span> localhostCert <\/span>= CertificateLoader.LoadFromStoreCert(\"<\/span>localhost\"<\/span><\/span>, \"<\/span>My\"<\/span><\/span>, StoreLocation.CurrentUser, allowInvalid: true<\/span>);\n                    var<\/span> exampleCert <\/span>= CertificateLoader.LoadFromStoreCert(\"<\/span>example.com\"<\/span><\/span>, \"<\/span>My\"<\/span><\/span>, StoreLocation.CurrentUser, allowInvalid: true<\/span>);\n                    var<\/span> subExampleCert <\/span>= CertificateLoader.LoadFromStoreCert(\"<\/span>sub.example.com\"<\/span><\/span>, \"<\/span>My\"<\/span><\/span>, StoreLocation.CurrentUser, allowInvalid: true<\/span>);\n                    var<\/span> certs <\/span>= new<\/span> Dictionary<\/span><string<\/span>, X509Certificate2>(StringComparer.OrdinalIgnoreCase);\n                    certs[\"<\/span>localhost\"<\/span><\/span>] = localhostCert;\n                    certs[\"<\/span>example.com\"<\/span><\/span>] = exampleCert;\n                    certs[\"<\/span>sub.example.com\"<\/span><\/span>] = subExampleCert;\n\n                    httpsOptions.ServerCertificateSelector = (features, name) =>\n                    {\n                        if<\/span> (name != null<\/span> && certs.TryGetValue(name, out<\/span> var cert))\n                        {\n                            return<\/span> cert;\n                        }\n\n                       return<\/span> exampleCert;\n                    };\n                });\n           });\n        })\n        .UseStartup<Startup>();<\/pre>\n<\/div>\n
Host filtering middleware<\/h2>\n
While Kestrel supports configuration based on prefixes such as\u00a0<\/span>https:\/\/contoso.com:5000<\/code>, it largely ignores the host name. Localhost is a special case used for binding to loopback addresses. Any host other than an explicit IP address binds to all public IP addresses. None of this information is used to validate request Host headers. In 2.1.0-preview2, we introduced a new HostFiltering middleware(Microsoft.AspNetCore.HostFiltering<\/code>) that we recommend you use in conjunction with Kestrel to validate Host headers. The host filtering middleware is already included as part of the default WebHost. To configure the middleware, use a semicolon separated list of hostnames in your\u00a0<\/span>appSettings.json<\/code>\u00a0<\/span>file.<\/p>\n
\n
{\n    \"<\/span>AllowedHosts\"<\/span><\/span>: \"<\/span>localhost;127.0.0.1;[::1]\"<\/span><\/span>\n}<\/pre>\n<\/div>\n
Alternatively, you can configure it directly from code.<\/p>\n
\n
services.AddHostFiltering<\/span>(options =>\n{\n    var<\/span> allowedHosts <\/span>= new<\/span> List<\/span><String>{\n        \"<\/span>localhost\"<\/span><\/span>,\n        \"<\/span>127.0.0.1\"<\/span><\/span>,\n        \"<\/span>[::1]\"<\/span><\/span>\n    };\n    options.AllowedHosts = allowedHosts;\n});<\/pre>\n<\/div>\n","protected":false},"excerpt":{"rendered":"
Change default transport to Sockets Building off the improvements to the managed sockets implementation in .NET Core we have changed the default transport in Kestrel from libuv to sockets. As a consequence, the\u00a0Microsoft.AspNetCore.Server.Kestrel.Transport.Libuv\u00a0package is no longer part of the\u00a0Microsoft.AspNetCore.App\u00a0metapackage. How to switch back to libuv To continue using libuv as your transport, you will need […]<\/p>\n","protected":false},"author":1233,"featured_media":21380,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[197,7509],"tags":[7556,7557],"class_list":["post-13065","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-aspnet","category-aspnetcore","tag-asp-net-core-2-1-0-preview2","tag-kestrel-http-server"],"acf":[],"blog_post_summary":"
Change default transport to Sockets Building off the improvements to the managed sockets implementation in .NET Core we have changed the default transport in Kestrel from libuv to sockets. As a consequence, the\u00a0Microsoft.AspNetCore.Server.Kestrel.Transport.Libuv\u00a0package is no longer part of the\u00a0Microsoft.AspNetCore.App\u00a0metapackage. How to switch back to libuv To continue using libuv as your transport, you will need […]<\/p>\n","_links":{"self":[{"href":"https:\/\/devblogs.microsoft.com\/dotnet\/wp-json\/wp\/v2\/posts\/13065","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/devblogs.microsoft.com\/dotnet\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/devblogs.microsoft.com\/dotnet\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/dotnet\/wp-json\/wp\/v2\/users\/1233"}],"replies":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/dotnet\/wp-json\/wp\/v2\/comments?post=13065"}],"version-history":[{"count":0,"href":"https:\/\/devblogs.microsoft.com\/dotnet\/wp-json\/wp\/v2\/posts\/13065\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/dotnet\/wp-json\/wp\/v2\/media\/21380"}],"wp:attachment":[{"href":"https:\/\/devblogs.microsoft.com\/dotnet\/wp-json\/wp\/v2\/media?parent=13065"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/dotnet\/wp-json\/wp\/v2\/categories?post=13065"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/dotnet\/wp-json\/wp\/v2\/tags?post=13065"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}