0

使用 Ocelot 构建微服务架构 我开始在单独的解决方案中构建测试服务。一切正常,我可以得到对https://localhost:5101/service/stats/collected.

然后在另一个解决方案中,我正在制作一个全新的 webapi 项目。然后我跟着Ocelot官网的入门

配置 .json 文件以将其用作 GW 如果我尝试点击https://localhost:5001/api/stats/collected,我从项目中获得 500,但我不知道为什么?

这里是 APIGW 的主要文件:

豹猫.json

{
  "ReRoutes": [
    {
      "DownstreamPathTemplate": "/service/stats/collected",
      "DownstreamScheme": "https",
      "DownstreamHostAndPorts": [
        {
          "Host": "localhost",
          "Port": 5101
        }
      ],
      "UpstreamPathTemplate": "/api/stats/collected"
    }
  ],
  "GlobalConfiguration": {
    "BaseUrl": "https://localhost:5001"
  }
}

程序.cs

using System.IO;
using System.Net;
using Microsoft.AspNetCore.Hosting;
using Microsoft.Extensions.Configuration;
using Ocelot.DependencyInjection;
using Ocelot.Middleware;

namespace APIGateway.Base
{
    public class Program
    {
        public static void Main(string[] args)
        {
            new WebHostBuilder()
                .UseKestrel(
                    options =>
                {
                    options.Listen(IPAddress.Loopback, 5001, listenOptions =>
                    {
                        listenOptions.UseHttps("localhost.pfx", "qwerty123");
                    });
                    options.AddServerHeader = false;
                }
                    )
                .UseContentRoot(Directory.GetCurrentDirectory())
                .ConfigureAppConfiguration((hostingContext, config) =>
                {
                    config
                        .SetBasePath(hostingContext.HostingEnvironment.ContentRootPath)
                        .AddJsonFile("appsettings.json", true, true)
                        .AddJsonFile($"appsettings.{hostingContext.HostingEnvironment.EnvironmentName}.json", true, true)
                        .AddJsonFile("ocelot.json")
                        .AddEnvironmentVariables();
                })
                .ConfigureServices(s => {
                    s.AddOcelot();
                })
                .ConfigureLogging((hostingContext, logging) =>
                {
                    //add your logging
                })
                .UseIISIntegration()
                .Configure(app =>
                {
                    app.UseOcelot().Wait();
                })
                .Build()
                .Run();
        }
    }
}

启动.cs

using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Hosting;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;

namespace StatsService.Base
{
    public class Startup
    {
        public Startup(IConfiguration configuration)
        {
            Configuration = configuration;
        }

        public IConfiguration Configuration { get; }

        // This method gets called by the runtime. Use this method to add services to the container.
        public void ConfigureServices(IServiceCollection services)
        {
            services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_1);
        }

        // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
        public void Configure(IApplicationBuilder app, IHostingEnvironment env)
        {
            if (env.IsDevelopment())
            {
                app.UseDeveloperExceptionPage();
            }
            else
            {
                app.UseHsts();
            }

            app.UseHttpsRedirection();
            app.UseMvc();
        }
    }
}

更新:

我发现通过options在方法中注释来禁用每个项目的 SSLUseKestrel会使我的 GW 工作。如何设置它以在我的 GW 和服务之间建立安全连接?本地主机和产品?

4

1 回答 1

1

当您使用“localhost”作为主机名时,我猜您正在为 localhost 使用自签名证书。在这种情况下,您可能需要添加

"DangerousAcceptAnyServerCertificateValidator": true

到您的 ReRoutes 配置(请参阅https://ocelot.readthedocs.io/en/latest/features/configuration.html#ssl-errors)。

其他选择是:

  • 使用有效的证书(本地主机很难实现)
  • 在用户的证书存储中将自签名证书注册为可信证书。
于 2019-08-09T15:42:20.223 回答