Is there an existing issue for this?
Is your feature request related to a problem? Please describe the problem.
Currently, YARP endpoints can be configured via extension methods, but there is no first-class way to support HTTPS endpoints with certificate configuration (pfx and pem) through these extension methods. This gap makes it challenging to securely expose endpoints in YARP containers and to map HTTPS settings from appsettings.json, as outlined in https://learn.microsoft.com/en-us/aspnet/core/fundamentals/servers/kestrel/endpoints?view=aspnetcore-9.0#configure-https-in-appsettingsjson. Developers need to be able to pass certificate information (path and password) directly to the container in a robust, first-class manner.
Describe the solution you'd like
Add extension methods to YARP that enable configuring HTTPS endpoints, supporting certificate passing for both pfx and pem formats. The goal is to allow configuring endpoints using appsettings.json style configuration, such as:
"Certificates": {
"Default": {
"Path": "<path to .pfx file>",
"Password": "$CREDENTIAL_PLACEHOLDER$"
}
}When HTTPS certificate information is provided, the endpoint should be added to the container as HTTPS, matching the configuration API for Kestrel. This should be a first-class experience for extension method users.
Additionally, set both HTTP_PORTS and HTTPS_PORTS environment variables when configuring endpoints to support both HTTP and HTTPS in containers.
Relevant code locations:
This will enable secure, flexible endpoint exposure for YARP containers in Aspire applications.
Additional context
- Support pfx and pem certificate formats for HTTPS endpoints.
- Integrate HTTPS endpoint configuration with extension methods for YARP resources.
- Map appsettings.json HTTPS configuration to YARP endpoints in the container.
- Update docs and samples as needed.
- See related code in
YarpResourceExtensions, YarpCluster, and tests such as YarpFunctionalTests.cs.
- Ensure HTTP_PORTS and HTTPS_PORTS environment variables are set appropriately to enable both HTTP and HTTPS endpoints in containers.
Is there an existing issue for this?
Is your feature request related to a problem? Please describe the problem.
Currently, YARP endpoints can be configured via extension methods, but there is no first-class way to support HTTPS endpoints with certificate configuration (pfx and pem) through these extension methods. This gap makes it challenging to securely expose endpoints in YARP containers and to map HTTPS settings from appsettings.json, as outlined in https://learn.microsoft.com/en-us/aspnet/core/fundamentals/servers/kestrel/endpoints?view=aspnetcore-9.0#configure-https-in-appsettingsjson. Developers need to be able to pass certificate information (path and password) directly to the container in a robust, first-class manner.
Describe the solution you'd like
Add extension methods to YARP that enable configuring HTTPS endpoints, supporting certificate passing for both pfx and pem formats. The goal is to allow configuring endpoints using appsettings.json style configuration, such as:
When HTTPS certificate information is provided, the endpoint should be added to the container as HTTPS, matching the configuration API for Kestrel. This should be a first-class experience for extension method users.
Additionally, set both HTTP_PORTS and HTTPS_PORTS environment variables when configuring endpoints to support both HTTP and HTTPS in containers.
Relevant code locations:
src/Aspire.Hosting.Yarp/YarpResourceExtensions.cs: Extension methods for resource configuration, e.g.,WithConfiguration,WithHostPort.src/Aspire.Hosting.Yarp/ConfigurationBuilder/YarpCluster.cs: Cluster and endpoint URI logic supporting HTTP/HTTPS endpoints.src/Aspire.Hosting.Yarp/IYarpJsonConfigGeneratorBuilder.cs: Interface for building configuration files for YARP.playground/TestShop/TestShop.AppHost/Program.cs: Example usage and configuration patterns.This will enable secure, flexible endpoint exposure for YARP containers in Aspire applications.
Additional context
YarpResourceExtensions,YarpCluster, and tests such asYarpFunctionalTests.cs.