Resolved-Failed to determine the HTTPS port for the redirect

In this article, we shall see a few guidelines to resolve the error “Failed to determine the HTTPS port for the redirect” while configuring the HTTP Strict Transport Security (HSTS) header in your website or API.

Today in this article, we will cover below aspects,

Issue Description
Resolution
Approach 1 – Configure X-Forwarded headers
Approach 2- Setting up HTTP Port

Issue Description

ASP.NET Core API or Website runtime gives below error,

Failed to determine the HTTPS port for the redirect

Resolution

This issue generally occurs when configuring the HTTP Strict Transport Security (HSTS) header in the website or API. It is recommended to use HTTPS Vs HTTP protocol.

This is the default ASP.NET behavior where the recommendation is as below,

The use of HSTS means all requests will be routed to HTTPS.
Also, the ability to re-direct insecure requests(HTTP) to secure HTTPS.

Below is the sample code,

 
public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
        {
            if (env.IsDevelopment())
            {
                app.UseDeveloperExceptionPage();
            }
            else
            {
                app.UseHsts();
            }

            app.UseHttpsRedirection();

.
.

     }

Above we have used middleware UseHttpsRedirection which redirects any HTTP request to a secured HTTPS request.

While redirecting the port must be available to redirect the request.

This can also be achieved by setting the variable port using any of the approaches discussed.

All the below approaches ultimately set the environment variable ASPNETCORE_HTTPS_PORT. Please see below for more details on various approaches to setting up the port.

Approach 1 – Configure `X-Forwarded` headers

Configure the API middleware with ForwardedHeadersOptions to forward the two headers in the headers in Startup.ConfigureServices.

X-Forwarded-For

X-Forwarded-Proto

  public void ConfigureServices(IServiceCollection services)
        {
            services.AddControllers();

            services.Configure<ForwardedHeadersOptions>(options =>
            {
                options.ForwardedHeaders =
                    ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto;
            });
       ...
       ...

        }

Also, update the configure method as below,

public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
    {
        app.UseForwardedHeaders();

        if (env.IsDevelopment())
        {
             app.UseDeveloperExceptionPage();
        }
        else
        {
            app.UseHsts();
        }

Please note to enable this middleware as the first middleware in the API Pipeline order.

If you see any issues with the above approach, please try setting up an HTTP port explicitly to resolve the issue which can be achieved using any of the below approaches.

Approach 2- Setting up HTTP Port

If the above approach for the Proto header forward doesn’t work for you, you may try the below approach.

All the below approaches to set the environment variable ASPNETCORE_HTTPS_PORT, you can use any of the below approaches to do the same.

Set the environment variable ASPNETCORE_HTTPS_PORT explicitly with the port number.

Using apsettings.json , please add the key value as “https_port“: 443

{
    "https_port": 443,

    "Logging": {
        "LogLevel": {
            "Default": "Information",
            "Microsoft": "Warning",
            "Microsoft.Hosting.Lifetime": "Information"
        }
    },
    "AllowedHosts": "*"
}

HTTPS port can also be set by using the AddHttpsRedirection middleware option as below,

Failed to determine the HTTPS port for the redirect

To set the port number for https_port use configuration or call UseSetting by using Generic Host Builder

HSTS Failed to determine the HTTPS port for the redirect

If the reverse proxy already handles HTTPS redirection, then don’t use HTTPS Redirection Middleware.

References :

ASP.NET Core adds HSTS Security Headers

Did I miss anything else in these resolution steps?

Did the above steps resolve your issue? Please sound off your comments below!

Happy Coding !!

Please bookmark this page and share it with your friends. Please Subscribe to the blog to receive notifications on freshly published(2024) best practices and guidelines for software design and development.

Share on Facebook

Post on X

Save

4 thoughts on “Resolved-Failed to determine the HTTPS port for the redirect”

Hi Admin,
I am hosting my asp.net core inside kuberneties service but port forward not working for me….

admin says:
January 16, 2024 at 2:22 am

Hello Sunder Patil,

Are you getting any error or did you add any logs providing more details ? Please configure your API to work with proxy servers and load balancers using ForwardedHeaders middleware as discussed in Approach 1. Also check on port requirement and set the desired port explicitly in API.
Reply

Thank you, I used Approach 2 and solved the problem

admin says:
February 27, 2022 at 1:37 am

Hi Hadiuddin, thanks! Glad it helped you!
Reply

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

TheCodeBuzz