Loads TLS (HTTPS) certificates for .NET 6.0/7.0/8.0/9.0 Kestrel web applications, with support for refreshing certificates and compatibility with HTTP/3. Fully compatible with certificates obtained by Certbot (see sample project without middleware or see sample project using middleware).
The recommended way to install is via NuGet, but you can also download the source code from here.
TlsCertificateLoader.TlsCertificateLoader tlsCertificateLoader = new(fullChainPemFilePath, privateKeyPemFilePath);
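// Kestrel's method is ListenAnyIP; 443 is the standard HTTPS port.
options.ListenAnyIP(443, o =>
{
    // Serve the certificates held by the loader on this endpoint.
    o.SetTlsHandshakeCallbackOptions(tlsCertificateLoader);
    o.SetHttpsConnectionAdapterOptions(tlsCertificateLoader);
    o.Protocols = HttpProtocols.Http1AndHttp2AndHttp3;
});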
To refresh (e.g. either on a Timer or by watching a directory via PhysicalFileProvider):
tlsCertificateLoader.RefreshDefaultCertificates();
You may also add additional certificate collections for other hostnames (for example, if you want to set up mydomain.tld as your default certificate and www.mydomain.tld as your alternate one):
tlsCertificateLoader.AddAdditionalCertificates("www.mydomain.tld", fullChainWwwPemFilePath, privateKeyWwwPemFilePath);
To refresh additional certificate collections (e.g. either on a Timer or by watching a directory via PhysicalFileProvider):
tlsCertificateLoader.RefreshAdditionalCertificates("www.mydomain.tld");
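One way to wire up the directory-watching refresh mentioned above for both the default and the additional certificates. This is an added example, not code from the TlsCertificateLoader project: `CertificateDirectoryWatcher` is a hypothetical helper, and it assumes all PEM files live in one directory and that a quiet period is wanted so a renewal that rewrites the chain and key separately is not picked up half-way.

```csharp
using System;
using System.Threading;
using Microsoft.Extensions.FileProviders;
using Microsoft.Extensions.Primitives;

// Hypothetical helper, not part of TlsCertificateLoader.
public sealed class CertificateDirectoryWatcher : IDisposable
{
    private readonly PhysicalFileProvider _provider;
    private readonly IDisposable _registration;
    private readonly Timer _debounce;

    // certificateDirectory must be an absolute path (PhysicalFileProvider requirement).
    public CertificateDirectoryWatcher(
        TlsCertificateLoader.TlsCertificateLoader loader,
        string certificateDirectory,
        TimeSpan quietPeriod,
        params string[] additionalHostnames)
    {
        _provider = new PhysicalFileProvider(certificateDirectory);

        // Runs once the directory has been quiet for quietPeriod, so a renewal that
        // rewrites the chain and the key in two steps is not read half-way through.
        _debounce = new Timer(_ =>
        {
            try
            {
                loader.RefreshDefaultCertificates();
                foreach (string hostname in additionalHostnames)
                    loader.RefreshAdditionalCertificates(hostname);
            }
            catch (Exception ex)
            {
                // A timer callback must not throw; report the failure and wait for the next change.
                Console.Error.WriteLine($"Certificate refresh failed: {ex.Message}");
            }
        });

        // Every change to a .pem file restarts the quiet-period countdown.
        _registration = ChangeToken.OnChange(
            () => _provider.Watch("*.pem"),
            () => _debounce.Change(quietPeriod, Timeout.InfiniteTimeSpan));
    }

    public void Dispose()
    {
        _registration.Dispose();
        _debounce.Dispose();
        _provider.Dispose();
    }
}
```

Create one instance at startup and keep it alive for the lifetime of the application; disposing it stops the watch.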
A sample project using Certbot is available.
Refer to the sample project that uses Certbot with middleware.
Thanks to David Fowler for this idea.