SSL encryption on self-service OWIN WebAPI

Question

SSL encryption on self-service OWIN WebAPI

I am creating a standalone OWIN based WebAPI with static content. Without ssl, everything works as it should, but I really don't know how to implement ssl.

I've read the manuals here and here , but the question is: do I need to secure the port that webapi is using (in my case: 9000) or the standard port 443?

Static content should be a simple url like www.mysupergreatsite.com (no port). When the url is called, the browser must be redirected to static files ... to port 9000 I guess ?!

Is this a good way to make a litte redirect site elsewhere (like iis)?

+3

ssl owin static-files asp.net-web-api2

Daniel R. Jul 17 '15 at 9:10

source to share

1 answer

richzilla · Accepted Answer · 2015-10-30T11:58:13+0000

You want to run SSL on a port facing the outside world. It doesn't really matter which port, but by convention 443 is the default for SSL and therefore doesn't need an explicit port. If you don't want your users to explicitly enter the port, you need to either

Run the application on port 443 or
Change the default SSL port

Changing the default port can be done by IIS when creating your site binding:

SSL encryption on self-service OWIN WebAPI

More articles: