Install an ASP.NET Core Web API on Linux and Host with Nginx and SSL

Thing’s you’ll need: PuTTY 🧱, Mouse 🐁 (okay this is linux so you wont really need a mouse) and linux is free so you wont need cache.

Table of content:
1. Install .net core 3.1
2. Install Nginx
3. Build and copy your application
4. Configure your Nginx server block
5. Create your Asp.Net service
6. Secure your hosted application with SSL

Install .net core 3.1

I built an application with .net core 3.1

To install that run the following:

Install Nginx

Run the following commands to install Nginx

You can check the status of your Nginx to make sure it’s got an active running status:

Build and copy your application

I right click in the visual studio solution explorer and click publish and then I publish the code to a folder.

You can also do this with the .NET Core CLI command.

I use Filezilla copy my built code. Copy and paste your built code folder to the folder on the app.

Configure your Nginx server block

This service block will expose your internally hosted application to the outside work. To edit it run the following (I use vim but you can use your text editor of choice):

Your service block should look as follows:

After saving your config file you can start or restart your Nginx service

Create your Asp.Net service

Create the service file

Service file example:

Save the file and you can enable the service as follows:

Then you need to start your service:

Check that it is running as follows:

If the application is not running successfully when you check the status you may need to look at verbose logs for debugging. To do this run use the journalctl interface:

Secure your hosted application with SSL

In order to encrypt your api you will need to get a domain. I would recommend looking at Godaddy or Namecheap.

We need to create an A record in the DNS settings which points to your server address.
Type: A
Name: api.{your-domain}.com
Value: {Ip address of your server}

Install certbot

Install certbot-nginx

make sure your nginx service block server_name is set to the domain you want to secure

Certbot will read that value from the server block to create your certificate.
Create the certificate:

follow the dialog and once its succesfully decide whether you want to redirect all traffic to https by entering 1 or 2 in the dialog.

Finally check that the auto-renewal for your certificate will work with no errors:

Once that is set up you might need to open up a new port on your linux box. The default https port is 443.