Openid Configuration Http/Https

So changed http configuration to this:

  RewriteEngine On

  RewriteCond %{HTTPS} off
  RewriteCond %{REQUEST_URI} !^\/\.well-known\/acme-challenge\/.*$
  RewriteRule (.*) https://REPLACE_BY_PUBLIC_DOMAIN/$1 [R,L]

Also needed to add

`IDENTITY__MULTIPLEDOMAINS=true`

On docker-compose.yml for start working.

1 Like

Hi pringi ,

I deployed squidex 7.3.0 on my k8s cluster , i have exact the same issue as you reported , but i still can not fix it .

Hi Sebastian,
will you fix this issue and release a new version ?

Can you just describe the problem again? Because from reading this post it seems it was a misconfigration.

Hi ,Sebastian

For the configration : ASPNETCORE_URLS=http://+:5000 , do i need to change it to ASPNETCORE_URLS=https://+:5000 if the baseurl is https .

after change ASPNETCORE_URLS=https://+:5000 .
I got this error :

Unhandled exception. System.InvalidOperationException: Unable to configure HTTPS endpoint. No server certificate was specified, and the default developer certificate could not be found or is out of date.
To generate a developer certificate run ‘dotnet dev-certs https’. To trust the certificate (Windows and macOS only) run ‘dotnet dev-certs https --trust’.
For more information on configuring HTTPS see https://go.microsoft.com/fwlink/?linkid=848054.
at Microsoft.AspNetCore.Hosting.ListenOptionsHttpsExtensions.UseHttps(ListenOptions listenOptions, Action1 configureOptions) at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.AddressBinder.AddressesStrategy.BindAsync(AddressBindContext context, CancellationToken cancellationToken) at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.AddressBinder.BindAsync(IEnumerable1 listenOptions, AddressBindContext context, CancellationToken cancellationToken)
at Microsoft.AspNetCore.Server.Kestrel.Core.KestrelServerImpl.BindAsync(CancellationToken cancellationToken)
at Microsoft.AspNetCore.Server.Kestrel.Core.KestrelServerImpl.StartAsync[TContext](IHttpApplication`1 application, CancellationToken cancellationToken)
at Microsoft.AspNetCore.Hosting.GenericWebHostService.StartAsync(CancellationToken cancellationToken)
at Microsoft.Extensions.Hosting.Internal.Host.StartAsync(CancellationToken cancellationToken)
at Microsoft.Extensions.Hosting.HostingAbstractionsHostExtensions.RunAsync(IHost host, CancellationToken token)
at Microsoft.Extensions.Hosting.HostingAbstractionsHostExtensions.RunAsync(IHost host, CancellationToken token)
at Microsoft.Extensions.Hosting.HostingAbstractionsHostExtensions.Run(IHost host)
at Squidex.Program.Main(String[] args) in /src/src/Squidex/Program.cs:line 17

These are two different things:

  • ASPNETCORE_URLS tells the web server (kestrel) on which URL to listen. If you use https, you need to specify a certificate. But I recommend to let the reverse proxy handle that for you.
  • URLS__BASEURL is the the public facing URL that is used. When you have Squidex behind 3 layers of proxies and load balancers this URL can get lost and therefore you have to configure it. It is needed to generate some URLs, e.g. for authentication.