Hosting ASP.NET Core 2.0 Web Api on Azure Ubuntu Server with Nginx and Mutual SSL Authentication (PART 3)

PART 3: Configuring Azure Network Security Group, Publishing .Net Core Web Api

In this post series, I will step by step show you how to host a ASP.NET Core 2.0 Web Api which is using mutual SSL authentication on a Azure Ubuntu Server using Nginx as the reverse proxy server and Kestrel as the default application server.

In this part we will see how to configure Azure Network Security Group and publishing Asp.Net Core Web Api to Ubuntu Linux server.

For information about how to deploy an Ubuntu Server in Azure check part-1 of this series.

For information about how to setup .Net Core SDK 2.0 and Nginx on Ubuntu Linux check part-2 of this series.

For information about how to setup a service to manage kestrel process, creating self-signed SSL certificate and configuring Nginx as a reverse proxy server check part-4 of this series.

For information about how to setup mutual SSL for client authentication and passing client certificate data to Asp.Net Core Web Api using HTTP headers check part-5 of this series.

Configure Azure Network Security Group for Inbound Port Rules

To manage inbound and outbound ports click on the “Networking” category in your Azure instance management page.

We will add 2 inbound port rules for web access ports (http port 80 and https port 443). Click on the “Add inbound port rule” button.

In the opened view select “HTTP” from the “Service” select box. Leave other fields as default and click “Ok”. Do the same thing for “HTTPS”.

We will add 2 inbound port rules for FTP functionality. (I will transfer the published content from my development machine to Ubuntu server by using ftp. It is not secure to transfer files via ftp but to keep it simple in this tutorial I’m using ftp. If you don’t want to use ftp do not open these ports!)

Click on the “Add inbound port rule” button. In the opened view select “FTP” from the “Service” select box. Leave other fields as default and click “Ok”.

Click on the “Add inbound port rule” button. In the opened view select “Custom” from the “Service” select box. Enter “40000–50000” to the “Port range” field. Write “FtpPassivePorts” to the “Name” field and click “Ok”.

Configure Ubuntu for FTP Access

I will use vsftpd as my FTP server in Ubuntu Linux. To set up vsftpd on Ubuntu 17.04do the following:

sudo apt-get update
sudo apt-get install vsftpd

Before changing the vsftpd configuration take a backup of the config file as a precaution:

sudo cp /etc/vsftpd.conf /etc/vsftpd.conf.orig

Add a user for ftp usage:

sudo adduser mcftp

Add the created user to vsftpd.userlist:

echo "mcftp" | sudo tee -a /etc/vsftpd.userlist

Create an ftp directory to serve as the chroot and a writable files directory to hold the actual files:

sudo mkdir /home/mcftp/ftp
sudo chown nobody:nogroup /home/mcftp/ftp

sudo chmod a-w /home/mcftp/ftp

sudo mkdir /home/mcftp/ftp/files

sudo chown mcftp:mcftp /home/mcftp/ftp/files

Open the vsftp.config file for ftp configuration:

sudo nano /etc/vsftpd.conf

Uncomment the following statements:

write_enable=YES
chroot_local_user=YES

Add the following statements to the end of file:

user_sub_token=$USERlocal_root=/home/$USER/ftppasv_min_port=40000pasv_max_port=50000userlist_enable=YESuserlist_file=/etc/vsftpd.userlistuserlist_deny=NO

Restart the daemon to load the configuration changes:

sudo systemctl restart vsftpd

Install unzip

We need unzip tool to unzip the publish output that we will transfer.

sudo apt-get update
sudo apt-get install unzip

Publish ASP.Net Core 2.0 Web Api to a Folder

Open the ASP.Net Core 2.0 Web Api project with Visual Studio and select “Publish”

Choose “Folder” for “Target”.

Select the desired output folder and click “Ok”.

When you click on “Publish” button all necessary files to host the web api will be moved to the target folder.

Zip the contents of this folder (PublishOutput.zip)

Sending Documents from Development Machine via Ftp (It’s not secure!)

As I mentioned earlier this is just for the demonstration purposes. Sending files via ftp is not secure and should not be done in production environments!

Run the Windows command prompt and execute the following command (with your Azure instance DNS name):

ftp [ubuntu_server_dns_name]

Login with the newly created ftp user. And execute these:

cd files
put PublishOutput.zip

The PublishOutput.zip will be transferred to your Ubuntu Server.

Create a directory for .Net Core application on Ubuntu and copy the zip file:

mkdir webapi
sudo cp /home/mcftp/ftp/files/PublishOutput.zip /home/mc/webapi

Unzip the files to current directory:

cd webapi
sudo unzip PublishOutput.zip

Note: If the unzipped files are in a folder you can move the contents up one level by:

sudo mv PublishOutput/* .

Note: If you want to remove a directory with contents:

sudo rm -r PublishOutput

Now, our Asp.Net Core 2.0 web api files are transferred to Ubuntu server and ready for hosting.

Our series will continue with creating a service to manage Kestrel process, creating a self-signed SSL certificate and configuring Nginx as a reverse proxy web server.

Hope it helps!

Originally published at https://www.weboideas.com on November 24, 2017.

--

--

--

I’m a software development enthusiast who likes trying different web technologies and adding value to his team.

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

Deterministic builds with go + bazel + grpc + docker

Strong Password Checker

Betburger Software Exclusive Review 2021

Betburger Software Exclusive Review 2021

Spark Interview Questions and Answers | Top Interview Questions HTMLKICK

TAMUctf 2019 Pwn Writeup 1 of 6

Why use CDN based Cloud Hosting Services ?

Bit By Bit: MISSING TWO

Learning Git — Episode 01

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Mert Ilis

Mert Ilis

I’m a software development enthusiast who likes trying different web technologies and adding value to his team.

More from Medium

.Net core Web API Deployment to Azure Service Fabric Cluster using Docker-Compose.

.NET 6 Deployment — Dynamic Variable for AppSettings on Linux environment

Enumerating active directory using C#

Dockerize Asp.Net 6 Application and Push to Azure Container Registry