Skip to content

SSL Certificates and HTTPS

You can switch SSL on or off through each container’s Settings.

Free SSL certificates are available for every container or website on Webslice Containers. It takes one click to enable SSL and have your websites load over HTTPS. Without SSL, your site will be too insecure to display on most browsers.

The platform is integrated with LetsEncrypt, which is a free and open certificate authority. That makes it incredibly easy to enable (and disable) SSL certificates at any extra cost.

How SSL Works

SSL (secure sockets layer) provides a secure connection all the way from your Webslice container to the browsers that visit your website. This allows data to be transmitted securely over HTTPS, which is a security standard enforced by most browsers.

Technically, SSL is an outdated name for what is now known as transport layer security (TLS). If you’re after more details, Wikipedia’s TLS article is very thorough.

Using Your Own SSL Certificate

If a free SSL certificate from LetsEncrypt isn’t right for your website, you have a couple of options:

  • Bring your own certificate.
  • Buy a certificate from us, with either standard or wildcard domain coverage.

In either case you’ll need to get in touch with us so we can help get your certificate properly installed. Email support@webslice.com or open a new support ticket.

How to Enforce HTTPS on a Web Container

Traditional approaches to redirection might not work with Webslice Containers, because requests are all served by a reverse proxy. We recommend that you use the X-Forwarded-Proto header and modify your web server configuration files. Examples for Apache, Nginx, and ASP.NET as below.

Apache Webservers

The code you need to enforce HTTPS is:

RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

One option is to look in your home directory for the folder config/apache2/sites-available/, then edit the 000-default.conf file as follows:

SetEnvIf X-Forwarded-Proto https HTTPS=on
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
</IfModule>

A second approach is to add the same instructions to the base .htaccess file, which is in your public directory.

For your configuration changes to take effect, you’ll need to reboot the container.

Nginx Webservers

In the server directive, add this code:

if ($http_x_forwarded_proto != 'https') {
rewrite ^ https://$host$request_uri? permanent;
}

The entire configuration ought to look something like this:

server {
listen 80 default_server;
# Your other config here.
# and here...
if ($http_x_forwarded_proto != 'https') {
rewrite ^ https://$host$request_uri? permanent;
}
}

For your configuration changes to take effect, you’ll need to reboot the container.

.NET/ASP.NET

For containers running our .NET Core + SDK 6 / 7 images, you’ll need to configure the web server to allow proxy connections and also set up URL rewriting. The following changes will need to be made to the file that will configure your web application. In this example, we’ll be using an Umbraco project.

public void ConfigureServices(IServiceCollection services)
{
// Set up what configurations we need to make to the service
services.Configure<ForwardedHeadersOptions>(options =>
{
// Sets the expected Forward headers
options.ForwardedHeaders = ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto;
// Both functions allows any local network or proxy to connect
options.KnownNetworks.Clear();
options.KnownProxies.Clear();
});
}
public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
// This adds the forwarded headers from above.
app.UseForwardedHeaders();
// Enforces HTTPS redirection
app.UseHttpsRedirection();
// Adds our own rewriter that uses the IISUrlRewrite.xml file
app.UseRewriter(new RewriteOptions().AddIISUrlRewrite(env.ContentRootFileProvider, "IISUrlRewrite.xml"));
}

Next, we create a new xml file that will have our rewriting rules. We’ll call it IISUrlRewrite.xml for our example.

<?xml version="1.0" encoding="utf-8" ?>
<rewrite>
<rules>
<rule name="Redirect to HTTPS" stopProcessing="true">
<match url=".*" />
<conditions>
<add input="{HTTPS}" pattern="^OFF$" />
<add input="{HTTP_HOST}" pattern="^localhost(:[0-9]+)?$" negate="true" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}/{R:0}" />
</rule>
</rules>
</rewrite>

Microsoft’s ASP.NET documentation has more about rewriting URLs.

After this, the final step is to include the file into your project by editing the .csproj file. Add the following lines:

<ItemGroup>
<Content Include="IISUrlRewrite.xml">
<CopyToOutputDirectory>Always</CopyToOutputDirectory>
</Content>
</ItemGroup>

For your configuration changes to take effect, you’ll need to reboot the container.